On Fri, Mar 28, 2025 at 12:30:55PM +0100, Marc Haber wrote:
I have recently noticed that we ship a number of users with their shell
set to /usr/sbin/nologin:
[...]
Hence, /usr/sbin/nologin is in login:
[3/4959]mh@swivel:~ $ dpkg --search /usr/sbin/nologin
login: /usr/sbin/nologin
which is part of util-linux but not essential (but already frozen).
Can we live with shipping users that have their shell pointing to a file
that does not necessarily exist on all systems?
[ ] No
[ ] for trixie
[ ] for forky
[x] yes
The purpose of using /usr/sbin/nologin rather than something like
/bin/false is really just to provide a clearer error message if you try
to log into an account that isn't available. If you don't have login
installed, then you're unlikely to be trying to log into an account, so
it doesn't matter.
Even if you do somehow try to log in without /usr/sbin/nologin being
installed, you effectively just get a less clear error message. I think
we can live with that.
Thanks,
--
Colin Watson (he/him) [[email protected]]
_______________________________________________
Pkg-shadow-devel mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-shadow-devel
