Re: [Dovecot] Userdb passwd and 'nologin' users

Hi Ben,

Ben Morrow wrote:

•    if (set->check_nologin) {

•            /* skip entries that don't have a valid shell.

•               they're again probably not real users. */

•            if (strcmp(pw->pw_shell, "/bin/false") == 0 ||

•                strcmp(pw->pw_shell, "/sbin/nologin") == 0 ||

•                strcmp(pw->pw_shell, "/usr/sbin/nologin") == 0)

•                    return FALSE;

•    }

Valid shells are defined in /etc/shells and "locked" users, I would strongly discourage from hardcoding a list of no-login shells here.

Users locked with "passwd -l" can also be detected by a ! at the beginning of the password hash.

Regards Daniel

https://plus.google.com/103021802792276734820