On Tue, 2007-05-22 at 14:03 -0400, Daniel J Walsh wrote: > > > I guess a better question would be how to tell the difference between a > valid "user" and a "service" on the system. Currently SELinux checks if > uid < 500 (GID_MIN from /etc/login.defs) or a shell from /etc/shells - > /sbin/nologin. > > This is used to make sure the labeling of the home directory is done > properly. The same issue has come up in gdm recently, where a database user showed up in the user list, because it was > 500 and had a "valid shell" (which was /sbin/nologin). We have changed gdm to not consider nologin a valid shell even if it is in /etc/shells. This is all a bit of an undefined mess of traditional behaviours... -- Fedora-maintainers mailing list Fedora-maintainers@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers -- Fedora-maintainers-readonly mailing list Fedora-maintainers-readonly@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
