[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] SHELL=/bin/false but user can still log in
/ 2003-10-29 07:22:53 -0000
\ Hollweg, Daniel:
> Hi List,
> I have an problem with my SuSe 8.2 installation with all current
> security patches applied. If I enter /bin/false as login shell
> in the /etc/passwd the user can still login and gets shell
> access. After rebooting the system the shell entry in the
> /etc/passwd is processed correct and a login attempt is closed
> as you would expect. Other entries like home dir in the passwd
> are parsed correct.
just a thought: "rcnscd restart"
Nscd provides cacheing for the passwd(5), group(5) and
hosts(5) databases through standard libc interfaces, such
as getpwnam(3), getpwuid(3), getgrnam(3), getgrgid(3),
gethostbyname(3) and others. Each cache has a separate TTL
(time-to-live) for its data; modifying the local database
( /etc/passwd, and so forth) causes that the cache becomes
invalidated within fifteen seconds.
ah. maybe this ttl was not 15s but longer on your box?
Note that the shadow file is specifically not cached.
getspnam(3) calls remain uncached as a result.
only if nscd is used by login and companions, which I assume,
but did not verify.
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here