Kevin Kofler wrote: >I can confirm [that Debian doesn't list nologin in /etc/shells.
I've also been researching this. 1. I have checked all current versions of Debian: wheezy (old-stable), jessie (stable), and stretch (testing). 2. Ubuntu follows suit. I have checked all supported LTS versions: lucid, precise, trusty, and xenial. 3. I'm reasonably sure that /etc/shells and nologin originally came from 4.4BSD. It's thus no surprise to find that FreeBSD ships with /sbin/nologin, but does not list it in /etc/shells. I haven't checked any other *BSDs, but I'd be willing to lay a modest wager :) 4. Arch ships nologin, but does not list it in /etc/shells. 5. I looked at NixOS. It doesn't ship nologin by default. If you install the util-linux package, that gives you nologin, but it does not add it to /etc/shells. (I think. NixOS is *odd*!) I am not arguing that popular == right. I am saying that in the absence of a compelling reason to stand out from the crowd, there is a value in consistency. Particularly where security is concerned: imagine an administrator coming a Debian background who assumes that setting the shell to nologin is a reasonable way to lock a user out of the system. Toby. _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected]
