Bug 2102 - No specified shell in passwd allows login
Summary: No specified shell in passwd allows login
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: pam
Version: 5.2
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Michael K. Johnson
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 1999-04-09 23:59 UTC by Joshua Jensen
Modified: 2008-05-01 15:37 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 1999-04-12 23:29:44 UTC


Attachments (Terms of Use)

Description Joshua Jensen 1999-04-09 23:59:58 UTC
Only tested on RHL 5.2 Intel, but if the last field in
/etc/passwd is cleared, then login IS permitted (with bash I
think), and the specified home directory is ignored and
replace by /

Yes, this IS a mis-configuration, but some sysadmins might
mistakenly think that this is a viable substitute for
/bin/false or /dev/null.

Comment 1 Chris Siebenmann 1999-04-10 03:31:59 UTC
In /etc/passwd, an omitted shell historically means '/bin/sh'
(although not all programs get it right). If it gave one a home
directory of /, it would be broken, but in a quick test on a RH
5.2 Linux system it doesn't seem to.

 I don't think that pam should 'fix' this; we have environments that
need to share the password file between RedHat and other systems,
and those other systems expect the historical behavior for a blank
shell field.

Comment 2 Bill Nottingham 1999-04-12 23:29:59 UTC
The behavior when the shell field is blank is
to use the default login shell; hence, this is normal
behavior.

------- Email Received From  Joshua <jtech@server1.iWSP.com> 04/13/99 19:19 -------


------- Email Received From  "Michael K. Johnson" <johnsonm@redhat.com> 04/14/99 12:09 -------


Note You need to log in before you can comment on or make changes to this bug.