apache, ftp etc users

Gerard Beekmans gerard at linuxfromscratch.org
Wed Dec 20 11:58:58 PST 2000


On December 20, 2000 02:56 pm, you wrote:
> Gerard Beekmans [gerard at linuxfromscratch.org] wrote:
> > groupadd groupname
> > useradd -g groupname -s /bin/false username
>
> There was quite a bit of discussion on linuxsecurity mailing list about
> using /bin/false as the shell.  Seems to be some difference of opinion
> about the "best" or "safest" way to handle this...

It's at least safer than using /bin/bash as the shell for starters. By 
starting not giving it a password you're safe. I then usually add /bin/false 
as the shell just "in case". You can, if you use shadow'ed passwords, even 
set the 'bin' and other users accounts to expired or something which would 
also prevent logging in. 

-- 
Gerard Beekmans
www.linuxfromscratch.org

-*- If Linux doesn't have the solution, you have the wrong problem -*-

-- 
Unsubscribe: send email to lfs-discuss-request at linuxfromscratch.org
and put unsubscribe in the subject header of the message




More information about the lfs-dev mailing list