* Colin Watson <[email protected]> [250328 13:03]:
On Fri, Mar 28, 2025 at 12:30:55PM +0100, Marc Haber wrote:
I have recently noticed that we ship a number of users with their shell
set to /usr/sbin/nologin:
[...]
Hence, /usr/sbin/nologin is in login:
[3/4959]mh@swivel:~ $ dpkg --search /usr/sbin/nologin
login: /usr/sbin/nologin
which is part of util-linux but not essential (but already frozen).
Can we live with shipping users that have their shell pointing to a file
that does not necessarily exist on all systems?
[ ] No
[ ] for trixie
[ ] for forky
[x] yes
The purpose of using /usr/sbin/nologin rather than something like
/bin/false is really just to provide a clearer error message if you
try to log into an account that isn't available. If you don't have
login installed, then you're unlikely to be trying to log into an
account, so it doesn't matter.
Even if you do somehow try to log in without /usr/sbin/nologin being
installed, you effectively just get a less clear error message. I
think we can live with that.
Thank you for articulating so well what I couldn't earlier today.
I think this is fine.
Chris
_______________________________________________
Pkg-shadow-devel mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-shadow-devel
