Red Hat Bugzilla – Bug 1013369
man: nologin(8) refers to /etc/nologin.txt, should refer to /var/run/nologin and /etc/nologin instead
Last modified: 2014-01-13 05:59:05 EST
Subject says it all, man page probably needs a bit of updating to be in sync what pam_nologin actually does these days. Or maybe the entire man page should move there anyway?
Well, nologin is binary that is completely independent on PAM, so we have "man pam_nologin" and "man nologin".
The command /usr/sbin/nologin really uses /etc/nologin.txt. The command is fedora specific. Yes, it's mess. I'm going to:
* modify the command to use /var/run/nologin or /etc/nologin
* fix the man page
* move the command to util-linux upstream
Oh, it also seems that we have two man pages:
$ rpm -qf /usr/share/man/man8/nologin.8.gz /usr/share/man/man5/nologin.5.gz
Now when I think about it seems that your request does not make sense :-)
pam_nologin uses the files to prevents users from logging into the system when /var/run/nologin or /etc/nologin exists. The pam_nologin is global way how to disable all regular accounts (see 'grep nologin /etc/pam.d/*')
/sbin/nologin is per account setting (in /etc/passwd) and it's replacement to account shell and /etc/nologin.txt is used for non-default message.
It means you cannot replace /etc/nologin.txt with /etc/nologin, because /etc/nologin will disable all accounts (where UID!=0).
Anyway, I'll merge nologin to utils-linux rather than maintain fedora specific implemenations and add note about pam_nologin to the man page.
(In reply to Karel Zak from comment #3)
> Anyway, I'll merge nologin to utils-linux rather than maintain fedora
> specific implemenations and add note about pam_nologin to the man page.
Done in f20 (upstream commit 88407b93212275759e8a54f5d43f4cf7da67fcdf).