On Thu, 10 Jan 2019 at 16:09, Kenneth Porter shiva@sewingwitch.com wrote:
I updated to CentOS 7.6 and something must have changed in the base OS setup that prevents vsftpd from allowing logins for accounts with /sbin/nologin as their shell. I had to add that to /etc/shells so that such accounts could FTP again. That file is in the setup package. Did it include /sbin/nologin before? I don't have anything in my notes from setting up the system last year about changing that. What's the history of shells listed in /etc/shells?
So I think this is a side effect of a long term argument of the security nature of /sbin/nologin
https://serverfault.com/questions/328395/nologin-in-etc-shells-is-dangerous-... https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/...
The second thread goes over me being an idiot in multiple places...
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos