Subject: Re: admin/15698: /etc/security vs. /etc/shells in regard to /sbin/nologin
To: NetBSD GNATS submissions and followups <email@example.com>
From: Andrew Brown <firstname.lastname@example.org>
Date: 02/23/2002 00:49:58
>> this sounds reasonable, but, iirc, will later cause accounts that have
>> no password to be declared "inactive but with a valid shell".
>Yes, of course -- that's the desired behaviour. If you don't want
>some/all of those reported then that's a different issue.
eliminating one "erroneous" message so that one gets three more is
most certainly not the point. accounts that currently have * as the
password and /sbin/nologin as the shell should not cause any message
>> a better fix might be to specifically allow /sbin/nologin as a shell
>> at the point that emits the complaint in question.
>No, I don't think so. At least with adding the shells explicitly to the
>list in the array you don't have to mess with an ever more complex
>expression in the logic of the program.....
# diff /etc/security /usr/src/etc/security
< } else if (! shells[$10] && $10 != "/sbin/nologin")
> } else if (! shells[$10])
|-----< "CODE WARRIOR" >-----|
email@example.com * "ah! i see you have the internet
firstname.lastname@example.org (Andrew Brown) that goes *ping*!"
email@example.com * "information is power -- share the wealth."