[CentOS] /bin/false as a login shell

Vincent Knecht vknecht at club-internet.fr
Wed Mar 22 19:05:34 UTC 2006

Le Mercredi 22 Mars 2006 18:17, Kai Schaetzl a écrit :
> I see that /bin/false is not a valid shell by default on CentOS. It is
> f.i. on Suse. /bin/false is present, though. Is there a security reason
> for this? man says that nologin gives feedback that the account is not
> available while false just exits false. Anything against just adding
> /bin/false to /etc/shells?

  I'd say use /sbin/nologin instead.
It's already in /etc/shells, and is able to give a reason about why login 
fails (check its man page for that).

More information about the CentOS mailing list