Does rpm require a shell to login to?


Magueta
06-14-2003, 10:30 AM
I'm running R.H. 9 and I'm looking through my /etc/passwd because I haven't received my daily e-mails from the system telling me about failed attempts at ssh, new users added to the /etc/passwd file etc, and I notice the rpm account has a bash login shell, is that right? Why would the rpm utility need a login shell? What about Amanda? Let me know what you guys think.

Joe

Note: for future reference I use the term "guys" in a gender neutral way. :-)

viperlin
06-14-2003, 10:59 AM
providing a shell is compulsory in /etc/passwd
i believe it's just so the files that RPM uses can belong specifically to the user "RPM" and be in the "RPM" group.

Magueta
06-14-2003, 11:09 AM
I can understand the requirement for a user but does the user require a shell? For example the user "nobody" that runs certain processes has a uid and a gid but does not have a shell. The default shell is a script or binary in /sbin called nologin which I'm fairly sure isn't a login shell. Here's a line for the nobody user:


nobody:x:99:99:Nobody:/:/sbin/nologin


Here's the line for the rpm user:


rpm:x:37:37::/var/lib/rpm:/bin/bash


Joe

viperlin
06-14-2003, 11:16 AM
Originally posted by viperlin
providing a shell is compulsory in /etc/passwd

Hello?

Magueta
06-14-2003, 11:34 AM
Originally posted by viperlin
Hello?

Ok,
then what is nologin? Is that the latest shell? Who puts it out nolinux that was created by nobrains?
Try to be helpful please. Look up the definition of what a shell is and get back to me.
Cheers


Joe

viperlin
06-14-2003, 11:48 AM
why don't you look up the definition of a shell and why don't you look up why REDHAT has a "nobody" account and why don't you STFU coz my server's hdd just died and i'm pissed off.


and a shell is a user interface between the user and OS to make it more pleasurable.

now my /etc/passwd looks like this:
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/bin/false
daemon:x:2:2:daemon:/sbin:/bin/false
adm:x:3:4:adm:/var/adm:/bin/false
lp:x:4:7:lp:/var/spool/lpd:/bin/false
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/bin/false
news:x:9:13:news:/usr/lib/news:/bin/false
uucp:x:10:14:uucp:/var/spool/uucppublic:/bin/false
operator:x:11:0:operator:/root:/bin/bash
man:x:13:15:man:/usr/man:/bin/false
postmaster:x:14:12:postmaster:/var/spool/mail:/bin/false
cron:x:16:16:cron:/var/spool/cron:/bin/false
ftp:x:21:21::/home/ftp:/bin/false
at:x:25:25:at:/var/spool/cron/atjobs:/bin/false
squid:x:31:31:Squid:/var/cache/squid:/bin/false
gdm:x:32:32:GDM:/var/lib/gdm:/bin/false
xfs:x:33:33:X Font Server:/etc/X11/fs:/bin/false
games:x:35:35:games:/usr/games:/bin/false
named:x:40:40:bind:/var/bind:/bin/false
mysql:x:60:60:mysql:/var/lib/mysql:/bin/false
postgres:x:70:70::/var/lib/postgresql:/bin/bash
apache:x:81:81:apache:/home/httpd:/bin/false
nut:x:84:84:nut:/var/state/nut:/bin/false
cyrus:x:85:12::/usr/cyrus:/bin/false
vpopmail:x:89:89::/var/vpopmail:/bin/false
alias:x:200:200::/var/qmail/alias:/bin/false
qmaild:x:201:200::/var/qmail:/bin/false
qmaill:x:202:200::/var/qmail:/bin/false
qmailp:x:203:200::/var/qmail:/bin/false
qmailq:x:204:201::/var/qmail:/bin/false
qmailr:x:205:201::/var/qmail:/bin/false
qmails:x:206:201::/var/qmail:/bin/false
postfix:x:207:207:postfix:/var/spool/postfix:/bin/false
smmsp:x:209:209:smmsp:/var/spool/mqueue:/bin/false
portage:x:250:250:portage:/var/tmp/portage:/bin/false
guest:x:405:100:guest:/dev/null:/dev/null
nobody:x:65534:65534:nobody:/:/bin/false
john:x:1000:0::/home/john:/bin/bash
eric:x:1001:100::/home/eric:/bin/bash
sshd:x:22:22:sshd:/var/empty:/dev/null
q3:x:1002:35:Quake3 dedicated server user:/opt/quake3:/bin/bash
rob:x:1003:100::/home/rob:/bin/bash
jen:x:1004:100::/home/jen:/bin/bash
chris:x:1005:100::/home/chris:/bin/bash
chrisb:x:1006:100:Chris Browne,,,:/home/chrisb:/bin/bash
daniel:x:1007:100:Daniel Jones,,,:/home/daniel:/bin/bash
poop:x:1008:100::/home/poop:/bin/bash
austin:x:1009:100:Austin Servo,,,:/home/austin:/bin/bash

hope it helps somehow

Magueta
06-14-2003, 11:56 AM
It's rough when the HD goes, hope you manage to get your info back.
Thanks for the help.

Joe

sploo22
06-14-2003, 12:22 PM
I can think of 2 possibilities for /sbin/nologin:

1. It doesn't actually exist (as a program) and is simply there to give you an error message if you try to log in as that user.

2. If it does exist, it might be a little script that prints a "No logins allowed" message or something like that.

Having shells for these accounts should not cause any problems, and can actually be helpful if, for some reason, you need to log on as one of these "pseudo-users".

BTW, let's try to keep things civilized. A lot of people don't appreciate abusive language.

Magueta
06-14-2003, 12:43 PM
I'm ok with nologin, I understand that most of the system accounts created in /etc/passwd are there so the system can perform its duties. It used to be that the login shell for system processes was /dev/null (I think) but nologin is new to R.H. 8.x and 9.x. The man page says

NOLOGIN(8) BSD System Manager's Manual NOLOGIN(8)

NAME
nologin - politely refuse a login

SYNOPSIS
nologin

DESCRIPTION
nologin displays a message that an account is not available and exits
non-zero. It is intended as a replacement shell field for accounts that
have been disabled.

If the file /etc/nologin.txt exists, nologin displays its contents to the
user instead of the default message.

SEE ALSO
login(1)

HISTORY
The nologin command appeared in 4.4BSD.


The reason I was asking about the shell for the rpm process was because it is poor form to have shells (bash, sh, etc) for processes that don't require logging in because it increases the likelihood that a bug will exist that will allow a hacker to gain access to your system, and since I didn't receive my daily log delivery in my e-mail I was looking to see if any new accounts had been created and somehow covered up. I didn't think rpm needed a shell so I thought I'd put out a feeler to see if anyone knew if the shell was added by the system or if it was added by a hacker. Viperlin's passwd file doesn't have the rpm account at all so that's a little puzzling. Do any of you have the rpm account and does it have a shell like bash or sh etc?

P.S. the nologin file is identified by the file command as:

[root@FatBoy sbin]# file nologin
nologin: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.2.5, dynamically linked (uses shared libs), stripped


Joe
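
Added example (not part of any post in this thread): a shell/awk check for the concern raised in the post above, listing system accounts whose /etc/passwd entry grants an interactive login shell. The UID cutoff of 500, the list of interactive shells and the `svc` sample entry are assumptions of this example.

```shell
#!/bin/sh
# Added example: list system accounts whose passwd entry grants an interactive shell.
# Assumptions: regular users start at UID 500 (override with $2); shell list below.

# Shells treated as interactive; on a real host, compare against /etc/shells.
INTERACTIVE_SHELLS="/bin/sh /bin/bash /bin/ash /bin/csh /bin/tcsh /bin/ksh /bin/zsh"

# audit_passwd FILE [UID_MIN] -> prints "name uid shell" for each flagged account
audit_passwd() {
    awk -F: -v uid_min="${2:-500}" -v shells="$INTERACTIVE_SHELLS" '
        BEGIN { n = split(shells, s, " "); for (i = 1; i <= n; i++) ok[s[i]] = 1 }
        /^#/    { next }                      # comment line
        NF != 7 { next }                      # blank or malformed entry
        {
            uid = $3 + 0
            shell = ($7 == "") ? "/bin/sh" : $7   # empty shell field means /bin/sh
            # uid 0 (root) and regular users (uid >= uid_min) are out of scope
            if (uid > 0 && uid < uid_min + 0 && (shell in ok))
                print $1, uid, shell
        }
    ' "$1"
}

# demo [UID_MIN]: run the audit over constructed sample data
demo() {
    tmp=$(mktemp) || return 1
    # Constructed sample: entries quoted in the thread, plus a made-up "svc"
    # account with an empty shell field.
    cat > "$tmp" <<'EOF'
root:x:0:0:root:/root:/bin/bash
sync:x:5:0:sync:/sbin:/bin/sync
operator:x:11:0:operator:/root:/bin/bash
rpm:x:37:37::/var/lib/rpm:/bin/bash
svc:x:50:50::/var/empty:
nobody:x:99:99:Nobody:/:/sbin/nologin
john:x:1000:0::/home/john:/bin/bash
EOF
    audit_passwd "$tmp" "$1"
    rm -f "$tmp"
}

demo
```

Run it against the real file with `audit_passwd /etc/passwd`. After confirming that nothing needs to log in as a flagged account, `usermod -s /sbin/nologin NAME` changes its shell field.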

viperlin
06-14-2003, 08:59 PM
sorry bout the stress before.

my server is happy again and running IPCop.

using the info from above the nologin shell is just a script that prints a user friendly message saying that login is not available with this account and exits.

there is your answer, instead of nothing, you get a nice message telling you why not.

it's purely for user-friendliness.

now i'm going to go kill fellow humans in SOCOM: US Navy SEALS on my new broadband enabled PS2. :D