Red Hat Bugzilla – Bug 38092
/sbin/nologin instead of /bin/false
Last modified: 2007-04-18 12:32:53 EDT
I have a suggestion for improving Red Hat linux (I've actually seen
this in OpenBSD): Red Hat Linux adds many pseudo-users (for example
named, squid, ident, rpc, rpcuser, etc.). It adds these pseudo-users
with /bin/false shell. I suggest to add the /sbin/nologin program to the
system, and use this as the default shell of the pseudo-users. Then you
can make /sbin/nologin to complain loudly when it is executed. User can
thus spot possible break-in attempts.
We're discussing it.
Fixed in pidentd-3.0.12-5 - /sbin/nologin was added to util-linux-2.11a-4