On Thu, Oct 23, 2008 at 10:06 AM, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > Hi, > > I have been learning on my own about file permissions in Fedora 8 recently > and I have a few > questions about what I saw on my computer. I was looking at my user account > in User Manager > under properties. I noticed that my password was five characters but not six > that I use > currently. My UID is 500 and login shell is /bin/bash. Another user account > called nobody with > UID 65534 is present with a home directory /var/lib/nfs with password of five > characters and this > user has it's local password is locked. Another nobody account at user ID 99 > with login > shell /sbin/nologin with home directory as /. > > I checked further into this and realized this has been like this for several > years. I may have experimented with a user > accounts in the past but I can not remember this.
Don't Panic! >From the Debian GNU/Linux System Administrator's Manual: http://www.debian.org/doc/manuals/system-administrator/ch-sysadmin-users.html "UID 65534 is user "nobody", an account with no rights or permissions." Absolute FreeBSD has this to say about the "nobody" account: "For years, system administrators used the account "nobody" as a generic unprivileged user. They'd run web servers, proxy servers, and whatever else as nobody. This was better than running those programs as root, but not as good as having separate users for each daemon. If an intruder successfully penetrated one of these programs, he had access to them all." > Any suggestions or explanation how I use six character password but only five > is recorded in > the User manager preferences. What's the difference between /bin/bash and > /sbin/nologin? Linux doesn't know how many characters your password is until you type it in :-) It puts 5 stars there to show that it is a password field, and what you type in will not be shown. >From the man page for nologin(8) on my system: NAME nologin -- politely refuse a login ... DESCRIPTION The nologin utility displays a message that an account is not available and exits non-zero. It is intended as a replacement shell field for accounts that have been disabled. ... To summarize, if a user's login shell is set to /bin/bash, they see /bin/bash when they log in the traditional way, or via SSH. If it is set to /sbin/nologin, then they can't log in either at the machine or remotely. This is useful for when you want a daemon such as sshd, httpd, or cups to run and not let it touch any files it doesn't need to. It's a bit of an abstract concept, but it is used frequently. My system has 25 users with /sbin/nologin as their shell, and I didn't add any of them. It's also useful in other ways, but I won't bore you further. > Thanks, > > Darcy -Mark C. _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
