r2940 - trunk/BOOK/postlfs/config

Nico R. n-roeser at gmx.net
Wed Nov 17 12:47:51 PST 2004


Alexander E. Patrakov wrote:

> igor at linuxfromscratch.org wrote:
> 
>> Author: igor
>> Date: 2004-11-15 05:27:34 -0700 (Mon, 15 Nov 2004)
>> New Revision: 2940
>> 
>> Modified:
>>    trunk/BOOK/postlfs/config/etcshells.xml
>> Log:
>> Added /bin/false to /etc/shells so that ProFTPD can function
>> properly, reported by Justin Knierim.
> 
> This is at least very strange. No other distro lists /bin/false
> in /etc/shells.

Right. This is because putting /bin/false into /etc/shells causes
security problems.

I do not claim to understand everything about it; but some Googling
turned up the following (among many others):
http://www.netsys.com/sunmgr/1994-08/msg00059.html
http://forums.devshed.com/archive/t-25950

Perhaps making a symlink to /bin/false and putting this one
into /etc/passwd is better. This seems useful to me, because no other
daemons/users etc. will be affected by that, even if they
have /bin/false as their shell.

I remember that I read somewhere "Never put /bin/false
into /etc/shells.", but don't ask me where that was, and for what
reason.
-- 
Nico



More information about the blfs-book mailing list