On Thu, Jul 21, 2011 at 2:13 PM, Nico Kadel-Garcia <nka...@gmail.com> wrote: > Don't give the shared "svn" user a valid shell!!!! If an administrator > needs to run operations as that user, to manipulate config files or > create new repositories, they can do "sudo -s -H -u svn" to get a > valid shell as the administrative user. Sudo can even be configured to > allow designated users such administrative access without requing > local root privileges at all.
Hmm, why didn't I think of that? It doesn't seem to work though. Setting the shell to /bin/nologin or even just fakeshell breaks everything. Is there another way to give an invalid shell?
