Bug 80170 - incorrect login shell for mailman
Summary: incorrect login shell for mailman
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: mailman
Version: 9
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: John Dennis
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2002-12-21 07:06 UTC by Chris Ricker
Modified: 2007-04-18 16:49 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2004-10-02 00:47:34 UTC

Attachments (Terms of Use)

Description Chris Ricker 2002-12-21 07:06:21 UTC
On any everything beta2 install, I have the following system account:

mailman:x:41:41:GNU Mailing List Manager:/var/mailman:/bin/false

this shell should be /sbin/nologin, not /bin/false

Comment 1 Chris Ricker 2003-02-20 05:04:35 UTC
still true with mailman-2.1-8 in beta5

Comment 2 John Dennis 2003-02-20 17:24:41 UTC
Done - fixed in mailman-2.1.1-2

BTW current rpm is now up to mailman 2.1.1 and can be found on

Comment 3 Chris Ricker 2004-10-02 00:47:34 UTC
Sorry, should have closed this one a while ago ;-)

Comment 4 John Dennis 2004-10-04 15:04:42 UTC
Actually that was good timing as I was just considering the login
shell issue a few days ago as we were applying some SELinux fixes for
mailman.  Sometimes an admin wants to run the mailman command line
utilities, this should be done as the user mailman, that requirement
is getting even stronger with the introduction of SELinux security
policies where even root can't run things if the policy does not permit.

So I started to think whether the mailman user should be able to login
in which would require a shell. Under the current scheme one would
need to su to mailman after logging in. I tried to find what the
recommendation was on this issue, but after 30-40 minutes of searching
 I didn't identify a "convention or practice" so I put it aside
thinking I would come back to it.

What's your take Chris? Should there be a login shell for mailman so
the mailman admin can login and do admin tasks? 

Note You need to log in before you can comment on or make changes to this bug.