Bug 2102 - No specified shell in passwd allows login
No specified shell in passwd allows login
Product: Red Hat Linux
Classification: Retired
Component: pam (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Michael K. Johnson
Depends On:
  Show dependency treegraph
Reported: 1999-04-09 19:59 EDT by Joshua Jensen
Modified: 2008-05-01 11:37 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 1999-04-12 19:29:44 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Joshua Jensen 1999-04-09 19:59:58 EDT
Only tested on RHL 5.2 Intel, but if the last field in
/etc/passwd is cleared, then login IS permitted (with bash I
think), and the specified home directory is ignored and
replace by /

Yes, this IS a mis-configuration, but some sysadmins might
mistakenly think that this is a viable substitute for
/bin/false or /dev/null.
Comment 1 Chris Siebenmann 1999-04-09 23:31:59 EDT
In /etc/passwd, an omitted shell historically means '/bin/sh'
(although not all programs get it right). If it gave one a home
directory of /, it would be broken, but in a quick test on a RH
5.2 Linux system it doesn't seem to.

 I don't think that pam should 'fix' this; we have environments that
need to share the password file between RedHat and other systems,
and those other systems expect the historical behavior for a blank
shell field.
Comment 2 Bill Nottingham 1999-04-12 19:29:59 EDT
The behavior when the shell field is blank is
to use the default login shell; hence, this is normal

------- Email Received From  Joshua <jtech@server1.iWSP.com> 04/13/99 19:19 -------

------- Email Received From  "Michael K. Johnson" <johnsonm@redhat.com> 04/14/99 12:09 -------

Note You need to log in before you can comment on or make changes to this bug.