/ 2003-10-29 07:22:53 -0000 \ Hollweg, Daniel:
Hi List,
I have an problem with my SuSe 8.2 installation with all current security patches applied. If I enter /bin/false as login shell in the /etc/passwd the user can still login and gets shell access. After rebooting the system the shell entry in the /etc/passwd is processed correct and a login attempt is closed as you would expect. Other entries like home dir in the passwd are parsed correct.
just a thought: "rcnscd restart" Nscd provides cacheing for the passwd(5), group(5) and hosts(5) databases through standard libc interfaces, such as getpwnam(3), getpwuid(3), getgrnam(3), getgrgid(3), gethostbyname(3) and others. Each cache has a separate TTL (time-to-live) for its data; modifying the local database ( /etc/passwd, and so forth) causes that the cache becomes invalidated within fifteen seconds. ah. maybe this ttl was not 15s but longer on your box? Note that the shadow file is specifically not cached. getspnam(3) calls remain uncached as a result. only if nscd is used by login and companions, which I assume, but did not verify. Lars Ellenberg