[Dovecot] Userdb passwd and 'nologin' users
Daniel Parthey
daniel.parthey at informatik.tu-chemnitz.de
Fri Feb 1 05:17:42 EET 2013
Hi Ben,
Ben Morrow wrote:
> + if (set->check_nologin) {
> + /* skip entries that don't have a valid shell.
> + they're again probably not real users. */
> + if (strcmp(pw->pw_shell, "/bin/false") == 0 ||
> + strcmp(pw->pw_shell, "/sbin/nologin") == 0 ||
> + strcmp(pw->pw_shell, "/usr/sbin/nologin") == 0)
> + return FALSE;
> + }
Valid shells are defined in /etc/shells and "locked" users, I would
strongly discourage from hardcoding a list of no-login shells here.
Users locked with "passwd -l" can also be detected by a ! at
the beginning of the password hash.
Regards
Daniel
--
https://plus.google.com/103021802792276734820
More information about the dovecot
mailing list