https://www.quora.com/How-can-bin-true-and-bin-false-Linux-utilities-be-used

MySQL :: MySQL 8.0 Reference Manual :: 2.9.2 Installing MySQL Using a Standard Source Distribution https://dev.mysql.com/doc/refman/8.0/en/installing-source-distribution.html

# Preconfiguration setup shell> groupadd mysql shell> useradd -r -g mysql -s /bin/false mysql

shell - What's the difference between /sbin/nologin and /bin/false - Unix & Linux Stack Exchange https://unix.stackexchange.com/questions/10852/whats-the-difference-between-sbin-nologin-and-bin-false

https://superuser.com/questions/1183311/why-do-some-system-users-have-usr-bin-false-as-their-shell

 

This helps to prevent users from logging on system.

Sometimes you need a user account for a specific task. Nevertheless, no one should be able to interact with this account on the computer. These are on the one hand system user accounts, on the other hand this is account, for which FTP or POP3 access is possible, but just no direct shell login.

If you look more closely at the /etc/passwd file, you will find the /bin/false command as a login shell for many system accounts. Actually, false is not a shell, but a command that does nothing and then also ends with a status code that signals an error. The result is simple. The user logs in and immediately sees the login prompt again.

When /sbin/nologin is set as the shell, if user with that shell logs in, they'll get a polite message saying 'This account is currently not available.' This message can be changed with the file /etc/nologin.txt.

/bin/false is just a binary that immediately exits, returning false, when it's called, so when someone who has false as shell logs in, they're immediately logged out when false exits. Setting the shell to /bin/true has the same effect of not allowing someone to log in but false is probably used as a convention over true since it's much better at conveying the concept that person doesn't have a shell.

Looking at nologin's man page, it says it was created in 4.4 BSD (early 1990s) so it came long after false was created. The use of false as a shell is probably just a convention carried over from the early days of UNIX.

nologin is the more user-friendly option, with a customizable message given to the user trying to log in, so you would theoretically want to use that; but both nologin and false will have the same end result of someone not having a shell and not being able to ssh in.

Why do some system users have /usr/bin/false as their shell? What's the difference between /sbin/nologin and /bin/false的更多相关文章

  1. Linux useradd 与 adduser的区别, /sbin/nologin 与 /bin/bash

    摘自:https://blog.csdn.net/danson_yang/article/details/65629948 Linux useradd 与 adduser的区别, /sbin/nolo ...

  2. /sbin/nologin 和 /bin/false 的区别

    /bin/false是最严格的禁止login选项,一切服务都不能用,而/sbin/nologin只是不允许系统login,可以使用其他ftp等服务 如果想要用false在禁止login的同时允许ftp ...

  3. 拒绝用户登录:/bin/false和/usr/sbin/nologin

    要拒绝系统用户登录,可以将其shell设置为/usr/sbin/nologin或者/bin/false 1 # usermod -s | --shell /usr/sbin/nologin usern ...

  4. Linux用户管理之使用/bin/false和/usr/sbin/nologin拒绝用户登录及其功能分析(转)

    /bin/nologin,/bin/false的意思是禁止某个用户登录. 比较常用的用法: #添加一个不能登录的用户 useradd -d /usr/local/apache -g apache -s ...

  5. /bin/false 和 /usr/sbin/nologin

    比较常用的用法: #添加一个不能登录的用户 useradd -d /usr/local/apache -g apache -s /bin/false apache 要拒绝系统用户登录,可以将其shel ...

  6. 【转】WARNING! File system needs to be upgraded. You have version null and I want version 7. Run the '${HBASE_HOME}/bin/hbase migrate' script. 的解决办法

    前段时间集群出问题,hadoop和hbase启动不了了. 后来hadoop回复了,hbase死活master无法启动.打开日志发现报了以下错误: WARNING! File system needs ...

  7. System Error:/usr/lib64/libstdc++.so.6: version `GLIBCXX_3.4.15' not found

    System Error:/usr/lib64/libstdc++.so.6: version `GLIBCXX_3.4.15' not found 1.运行程序是,系统报错库文件libstdc++. ...

  8. /bin/false和/sbin/nologin的区别

    /bin/false是最严格的禁止login选项,一切服务都不能用./sbin/nologin只是不允许login系统 其中树莓派的/sbin/nologin文件在/usr/sbin/nologin小 ...

  9. 禁止用户登陆的 /bin/false和/sbin/nologin的区别

    1 区别 /bin/false是最严格的禁止login选项,一切服务都不能用. /sbin/nologin只是不允许login系统  小技巧: 查看 /etc/passwd文件,能看到各用户使用的sh ...

随机推荐

  1. ffmpeg 源码分析

    http://blog.csdn.net/liuhongxiangm/article/details/8824761 https://code.google.com/p/ffmpegsource/is ...

  2. (转)I,P,B帧和PTS,DTS的关系

    基本概念: I frame :帧内编码帧 又称intra picture,I 帧通常是每个 GOP(MPEG 所使用的一种视频压缩技术)的第一个帧,经过适度地压缩,做为随机访问的参考点,可以当成图象. ...

  3. enumerate遍历列表

    enumerate 函数用于遍历序列中的元素以及它们的下标: >>> for i,j in enumerate(('a','b','c')):  print i,j 0 a 1 b ...

  4. 同一种类型的两个对象赋值,用反射。再也不用点属性了。。。。(适用于ef)

    /// <summary> /// 给对象赋值的方法(不赋地址)(同一个类型),含过滤 /// </summary> /// <typeparam name=" ...

  5. Ajax在ASP.NET MVC中上传

    HomeController.cs using System; using System.Collections.Generic; using System.Linq; using System.We ...

  6. js判断用户关闭页面或浏览器

    <html><head><meta http-equiv="Content-Type" content="text/html; charse ...

  7. Messages: No result defined for action cn.itcast.oa.test.TestAction and result SUCCESS

    Struts Problem Report Struts has detected an unhandled exception: Messages: No result defined for ac ...

  8. swift - 各种手势用法大全

    UIGestureRecognizer有许多子类,用于监听一些常见的手势事件,这些子类主要有: 1.首先创建几个view,来用于手势的检测 let view1 = UIView() let view2 ...

  9. 解决IE中img.onload失效的方法

    解决IE中img.onload失效的方法 - CoffeeCat's IT Blog - IT博客 http://www.cnitblog.com/CoffeeCat/archive/2008/02/ ...

  10. Zookeeper(一)-- 简介以及单机部署和集群部署

    一.分布式系统 由多个计算机组成解决同一个问题的系统,提高业务的并发,解决高并发问题. 二.分布式环境下常见问题 1.节点失效 2.配置信息的创建及更新 3.分布式锁 三.Zookeeper 1.定义 ...