[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SHELL=/bin/false but user can still log in


deactivate that f$)%§)$g NSCD.

Better do a cat /dev/null > /etc/init.d/nscd
as yast in some obscure cases automatically
activates NSCD (insserv), and I never found
a config Option to block this reactivation.
(Often after SW-Installation. rpm-Scripts?)
Maybe one of the SuSE-Guys can help with this.

And then man NSCD.


Hollweg, Daniel schrieb:
Hi List,

I have an problem with my SuSe 8.2 installation with all current security patches applied.
If I enter /bin/false as login shell in the /etc/passwd the user can still login and gets shell access. After rebooting the system the shell entry in the /etc/passwd is processed correct and a login attempt is closed as you would expect. Other entries like home dir in the passwd
are parsed correct.

Any ideas?

Thanks and regards

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here