Bug 78129

Summary: Initscripts doesn't clean /etc/nologin
Product: [Retired] Red Hat Linux Reporter: jfm2
Component: initscriptsAssignee: Bill Nottingham <notting>
Status: CLOSED DUPLICATE QA Contact: Brock Organ <borgan>
Severity: medium Docs Contact:
Priority: medium    
Version: 8.0CC: mitr, rvokal
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2002-11-19 10:22:51 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description jfm2 2002-11-19 10:22:45 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.0.1) Gecko/20020830

Description of problem:
I had started a "shutdown +15" but I grew impatient and powered the box off (who
in my case causes the system to run a "shutdown now").  Next day I found only
root could connect and he got a message telling the box would be shutdown at
some time of the day before.  I finally found that this was due to a
/etc/nologin file who had been left by my shutdown +15 and not removed by
instcripts.

Version-Release number of selected component (if applicable):


How reproducible:
Didn't try

Steps to Reproduce:
1.Run a shutdown -h +15 and power off the box before shutdown completes. 
2.Reboot
3.Try to connect as normal user.  It fails.  And since there is no message
telling why I initially thought I had been hacked and attacker had tampered with
my password file. 
	

Additional info:
Comment 1 Bill Nottingham 2002-11-19 16:13:18 UTC 

*** This bug has been marked as a duplicate of 74814 ***
Comment 2 jfm2 2002-11-19 19:00:17 UTC 
Perhaps  it is correct behaviour to not clean a /etc/nologin created by a system
administrator who wants to reboot and not have users connect immediately after.
 But there should be a way to distinguish those /etc/nologin set by "shutdown"
so they can be cleaned by initscripts.  For instance shutdown could test if
there is a /etc/nologin and if it doesn't exist create one <b>and</b>
/etc/nologin.automatic so if initscripts see both then it knows it is a
/etc/nologin set by shutdown and can clean it.  An improvement could be to store
the MD5 of /etc/nologin in /etc/nologin.automatic so initscripts can check it is
the real one set by shutdown. 

Finally there should be an informative message when access is denied due to a
nologin condition: presently the user is denied acces without any explanation so
he believes he mistyped his password and 
when after sevraltruies he is still denied access he will believe the password
file has been corrupted or tampered.