Bug 1013369

Summary: man: nologin(8) refers to /etc/nologin.txt, should refer to /var/run/nologin and /etc/nologin instead
Product: [Fedora] Fedora Reporter: Lennart Poettering <lpoetter>
Component: util-linuxAssignee: Karel Zak <kzak>
Status: CLOSED UPSTREAM QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: jonathan, kzak, mluscon
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-01-13 10:59:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Lennart Poettering 2013-09-29 16:35:15 UTC 
Subject says it all, man page probably needs a bit of updating to be in sync what pam_nologin actually does these days. Or maybe the entire man page should move there anyway?
Comment 1 Karel Zak 2013-09-30 09:01:33 UTC 
Well, nologin is binary that is completely independent on PAM, so we have "man pam_nologin" and "man nologin". 

The command /usr/sbin/nologin really uses /etc/nologin.txt. The command is fedora specific. Yes, it's mess. I'm going to:

 * modify the command to use /var/run/nologin or /etc/nologin

 * fix the man page

 * move the command to util-linux upstream
Comment 2 Karel Zak 2013-09-30 09:03:57 UTC 
Oh, it also seems that we have two man pages:

$ rpm -qf /usr/share/man/man8/nologin.8.gz /usr/share/man/man5/nologin.5.gz                                                                    

util-linux-2.22.2-7.fc18.x86_64
man-pages-3.43-2.fc18.noarch
Comment 3 Karel Zak 2013-09-30 11:08:39 UTC 
Now when I think about it seems that your request does not make sense :-)

pam_nologin uses the files to prevents users from logging into the system when /var/run/nologin or /etc/nologin exists. The pam_nologin is global way how to disable all regular accounts (see 'grep nologin /etc/pam.d/*')

/sbin/nologin is per account setting (in /etc/passwd) and it's replacement to account shell and /etc/nologin.txt is used for non-default message. 

It means you cannot replace /etc/nologin.txt with /etc/nologin, because /etc/nologin will disable all accounts (where UID!=0).


Anyway, I'll merge nologin to utils-linux rather than maintain fedora specific implemenations and add note about pam_nologin to the man page.
Comment 4 Karel Zak 2014-01-13 10:59:05 UTC 
(In reply to Karel Zak from comment #3)
> Anyway, I'll merge nologin to utils-linux rather than maintain fedora
> specific implemenations and add note about pam_nologin to the man page.

Done in f20 (upstream commit 88407b93212275759e8a54f5d43f4cf7da67fcdf).