https://www.quora.com/How-can-bin-true-and-bin-false-Linux-utilities-be-used

MySQL :: MySQL 8.0 Reference Manual :: 2.9.2 Installing MySQL Using a Standard Source Distribution https://dev.mysql.com/doc/refman/8.0/en/installing-source-distribution.html

# Preconfiguration setup shell> groupadd mysql shell> useradd -r -g mysql -s /bin/false mysql

shell - What's the difference between /sbin/nologin and /bin/false - Unix & Linux Stack Exchange https://unix.stackexchange.com/questions/10852/whats-the-difference-between-sbin-nologin-and-bin-false

https://superuser.com/questions/1183311/why-do-some-system-users-have-usr-bin-false-as-their-shell

 

This helps to prevent users from logging on system.

Sometimes you need a user account for a specific task. Nevertheless, no one should be able to interact with this account on the computer. These are on the one hand system user accounts, on the other hand this is account, for which FTP or POP3 access is possible, but just no direct shell login.

If you look more closely at the /etc/passwd file, you will find the /bin/false command as a login shell for many system accounts. Actually, false is not a shell, but a command that does nothing and then also ends with a status code that signals an error. The result is simple. The user logs in and immediately sees the login prompt again.

When /sbin/nologin is set as the shell, if user with that shell logs in, they'll get a polite message saying 'This account is currently not available.' This message can be changed with the file /etc/nologin.txt.

/bin/false is just a binary that immediately exits, returning false, when it's called, so when someone who has false as shell logs in, they're immediately logged out when false exits. Setting the shell to /bin/true has the same effect of not allowing someone to log in but false is probably used as a convention over true since it's much better at conveying the concept that person doesn't have a shell.

Looking at nologin's man page, it says it was created in 4.4 BSD (early 1990s) so it came long after false was created. The use of false as a shell is probably just a convention carried over from the early days of UNIX.

nologin is the more user-friendly option, with a customizable message given to the user trying to log in, so you would theoretically want to use that; but both nologin and false will have the same end result of someone not having a shell and not being able to ssh in.

Why do some system users have /usr/bin/false as their shell? What's the difference between /sbin/nologin and /bin/false的更多相关文章

  1. Linux useradd 与 adduser的区别, /sbin/nologin 与 /bin/bash

    摘自:https://blog.csdn.net/danson_yang/article/details/65629948 Linux useradd 与 adduser的区别, /sbin/nolo ...

  2. /sbin/nologin 和 /bin/false 的区别

    /bin/false是最严格的禁止login选项,一切服务都不能用,而/sbin/nologin只是不允许系统login,可以使用其他ftp等服务 如果想要用false在禁止login的同时允许ftp ...

  3. 拒绝用户登录:/bin/false和/usr/sbin/nologin

    要拒绝系统用户登录,可以将其shell设置为/usr/sbin/nologin或者/bin/false 1 # usermod -s | --shell /usr/sbin/nologin usern ...

  4. Linux用户管理之使用/bin/false和/usr/sbin/nologin拒绝用户登录及其功能分析(转)

    /bin/nologin,/bin/false的意思是禁止某个用户登录. 比较常用的用法: #添加一个不能登录的用户 useradd -d /usr/local/apache -g apache -s ...

  5. /bin/false 和 /usr/sbin/nologin

    比较常用的用法: #添加一个不能登录的用户 useradd -d /usr/local/apache -g apache -s /bin/false apache 要拒绝系统用户登录,可以将其shel ...

  6. 【转】WARNING! File system needs to be upgraded. You have version null and I want version 7. Run the '${HBASE_HOME}/bin/hbase migrate' script. 的解决办法

    前段时间集群出问题,hadoop和hbase启动不了了. 后来hadoop回复了,hbase死活master无法启动.打开日志发现报了以下错误: WARNING! File system needs ...

  7. System Error:/usr/lib64/libstdc++.so.6: version `GLIBCXX_3.4.15' not found

    System Error:/usr/lib64/libstdc++.so.6: version `GLIBCXX_3.4.15' not found 1.运行程序是,系统报错库文件libstdc++. ...

  8. /bin/false和/sbin/nologin的区别

    /bin/false是最严格的禁止login选项,一切服务都不能用./sbin/nologin只是不允许login系统 其中树莓派的/sbin/nologin文件在/usr/sbin/nologin小 ...

  9. 禁止用户登陆的 /bin/false和/sbin/nologin的区别

    1 区别 /bin/false是最严格的禁止login选项,一切服务都不能用. /sbin/nologin只是不允许login系统  小技巧: 查看 /etc/passwd文件,能看到各用户使用的sh ...

随机推荐

  1. javascript -- 将数组转换为字符串:join()

    join(separator) 方法用于把数组中的所有元素放入一个字符串.元素是通过指定的分隔符进行分隔的. separator:可选,指定要使用的分隔符.如果省略该参数,则默认使用逗号作为分隔符 v ...

  2. “Chaos”的算法之Floyd算法

    倘若我们要在计算机上建立一个交通咨询系统则可以采用图的结构来表示实际的交通网络.其实现最基本的功能,求出任意两点间的最短路径, 求最短路径的经典方法有很多种,最常用的便是迪杰斯特拉算法和佛洛依德(Fl ...

  3. ubuntu环境JDK安装(转至 http://hi.baidu.com/leo_lovato/item/31d1150d31a06d8002ce1bec)

    ubuntu安装jdk 1.首先去官网http://www.oracle.com/technetwork/java/javase/downloads/index.html 下载最新版的jdk.我下载了 ...

  4. js事件总结

    事件冒泡: 什么是事件冒泡,就是最深dom节点触发事件,然后逐级向最外层触发事件.打个比方一棵dom tree:li<ul<div每级都有事件绑定,然后我们触发li的事件,这时ul上的事件 ...

  5. VMware Host Agent服务不能正常启动

    VMware Host Agent服务不能正常启动 原因及解决方法 一直都在用VMWare Server 2.0,其他都还好,就是隔三差五的会有些小问题,比如VMware Host Agent服务不能 ...

  6. java获取Mp3播放时长

    最近有一个用java获取mp3播放时长的需求,有两种,一种本地文件,一种网络文件,其中获取网络mp3播放时间的方法找了挺久终于找到个能用的了. 第一种很简单,下载个jar包  jaudiotagger ...

  7. asp.net session的使用与过期实例代码

    Session的使用 <head runat="server">    <title></title>    <script src=&q ...

  8. MathType公式编辑器快捷键操作

    快捷键操作是最常见的操作方式,MathType软件系统提供大量的快捷键操作供用户使用.使用MathType公式编辑器快捷键操作可节省大量的操作的时间,本教程将详解MathType快捷键操作. 放大或缩 ...

  9. Java 9的日期时间格式化趋近Unicode区域设置标准

        1.JDK-8148947,DataTimeFormatter的模式字母“g”:正如在LDML中定义的,字母“g”指代一个“简化儒略日期”,简化儒略日期与正常儒略日期的差别在于:(1)简化儒略 ...

  10. plsql developer中,清除登录历史

    需求描述: 在使用plsql developer的时候,发现登录的时候,有太多的历史,想要把这些登录历史清除掉, 在此记录下. 操作过程: 1.登录plsql developer(或者在登录时取消也会 ...