Le Mercredi 22 Mars 2006 20:05, Vincent Knecht a ?crit?: > Le Mercredi 22 Mars 2006 18:17, Kai Schaetzl a ?crit?: > > I see that /bin/false is not a valid shell by default on CentOS. It is > > f.i. on Suse. /bin/false is present, though. Is there a security reason > > for this? man says that nologin gives feedback that the account is not > > available while false just exits false. Anything against just adding > > /bin/false to /etc/shells? > > I'd say use /sbin/nologin instead. > It's already in /etc/shells, and is able to give a reason about why login > fails (check its man page for that). Argh, I read/reply too fast without replying to the real question, sorry... Some little research told me that some '/bin/false' versions have no real 'login' capacity, but dunno about CentOS' one.