Bug 47298 - sshd ignores /etc/nologin
sshd ignores /etc/nologin
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: openssh (Show other bugs)
7.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-07-04 11:57 EDT by chris
Modified: 2007-04-18 12:34 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-07-22 15:10:48 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description chris 2001-07-04 11:57:15 EDT
The manpage for sshd states:

  LOGIN PROCESS
     When a user successfully logs in, sshd does the following:
           <...>
           3.   Checks /etc/nologin; if it exists, prints contents and
                quits (unless root).

It doesn't.  Even if /etc/nologin exists, any user can still log in.
Comment 1 Pekka Savola 2001-07-22 15:10:43 EDT
Fixed in OpenSSH CVS:

20010713
 - (djm) Enable /etc/nologin check on PAM systems, as some lack the
   pam_nologin module. Report from William Yodlowsky
   <bsd@openbsd.rutgers.edu>
Comment 2 Nalin Dahyabhai 2001-09-06 08:52:16 EDT
This change will be integrated into 2.9p2-7 and later.  Thanks!
Comment 3 Dax Kelson 2006-02-01 12:36:26 EST
The OpenSSH devs should have never made that change. They reverted this in the
Feb 2005 release of OpenSSH v4.3.

Now, properly, OpenSSH defers to PAM on /etc/nologin processing.

Note You need to log in before you can comment on or make changes to this bug.