Talk:Invalid shell
Ninereasons (Talk | contribs) |
(only if you need it to be) |
||
| Line 5: | Line 5: | ||
On the other hand, some FTP daemons and database authentication schemes require a standard shell, at least by default, even if it is an invalid one and even if the service provides its own shell. What's your view? Should <code>/usr/sbin/nologin</code> be in the shells database? [[User:Ninereasons|Ninereasons]] 12:30, 8 June 2006 (EDT) | On the other hand, some FTP daemons and database authentication schemes require a standard shell, at least by default, even if it is an invalid one and even if the service provides its own shell. What's your view? Should <code>/usr/sbin/nologin</code> be in the shells database? [[User:Ninereasons|Ninereasons]] 12:30, 8 June 2006 (EDT) | ||
| + | |||
| + | == only if you need it to be == | ||
| + | |||
| + | If you're running an ftpd that refuses to allow logins unless the account has a valid shell, then <s>put the shell into /etc/shells</s> get a non-retarded ftpd. Seriously, that chaps my butt pretty badly... I mean, christ, the vast majority of the situations I WANT ftp for involve wanting to give ftp out as an ALTERNATIVE to shell access. If somebody's got a shell, what do they need FTP for? =) --[[User:Jimbo|Jimbo]] 23:19, 8 June 2006 (EDT) | ||
Revision as of 23:19, 8 June 2006
/etc/shells
I wrote —
- Obviously, you don't want an invalid shell to be listed in the database of standard shells (/etc/shells).
— or do you? There seems to be a difference of opinion about this, and I'm undecided between them. My ISP's SunOS lists ftponly and nologin in /etc/shells. I've always listed these there, when I was running Linux. But the hazard is, it makes it possible for a non-root user to assign itself a non-standard shell, disabling the account - which only a super-user can fix.
On the other hand, some FTP daemons and database authentication schemes require a standard shell, at least by default, even if it is an invalid one and even if the service provides its own shell. What's your view? Should /usr/sbin/nologin be in the shells database? Ninereasons 12:30, 8 June 2006 (EDT)
only if you need it to be
If you're running an ftpd that refuses to allow logins unless the account has a valid shell, then put the shell into /etc/shells get a non-retarded ftpd. Seriously, that chaps my butt pretty badly... I mean, christ, the vast majority of the situations I WANT ftp for involve wanting to give ftp out as an ALTERNATIVE to shell access. If somebody's got a shell, what do they need FTP for? =) --Jimbo 23:19, 8 June 2006 (EDT)
