On 14/05/18 03:29 AM, Per Jessen wrote:
Anton Aylward wrote:
On 13/05/18 06:14 PM, John Andersen wrote:
Most have nologin or /bin/false.
Next Up: "why do some have 'nologin' and some have 'false'?"
/sbin/nologin is more polite, and you can customise the message. /usr/bin/false says nothing.
100% true and accurate and 50% not answering the intent of my question Column 1: "nologin" accounts nscd vnc polkitd scard rpc pulse statd nm-openvpn colord qemu usbmux systemd-timesync lirc systemd-network systemd-bus-proxy Column 2: "false" accounts mail wwwrun avahi-autoipd messagebus ntp tftp dnsmasq sshd rtkit postfix avahi sddm mysql kdm fetchmail dovecot dovenull If pressed, I could justify a few, *perhaps*, of the "false", but then there are some in the 'nologin' column that I think should be in the 'false' and vice versa. Many years ago there was a paper that impressed me: "Life without root[1]". It was about how auxiliary login accounts could be used to delegate functions that are normally reserved for root. The paper described administration of printers and of UUCP, which tells you it comes from a century ago! Perhaps some of these are suitable for that kind of administration? [1] LISA IV, Colorado Springs, October 1990. Steve Simmons, ITI. Abstract: "Often the people most qualified to perform certain system administration tasks are not necessarily qualified to have root access in general. This paper will discuss the rationale and methods for having non-root accounts do some types of systems administration. We will discuss two subsystems which we are currently administering without root and apply that experience to suggest some general rules. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org