https://www.quora.com/How-can-bin-true-and-bin-false-Linux-utilities-be-used

MySQL :: MySQL 8.0 Reference Manual :: 2.9.2 Installing MySQL Using a Standard Source Distribution https://dev.mysql.com/doc/refman/8.0/en/installing-source-distribution.html

# Preconfiguration setup shell> groupadd mysql shell> useradd -r -g mysql -s /bin/false mysql

shell - What's the difference between /sbin/nologin and /bin/false - Unix & Linux Stack Exchange https://unix.stackexchange.com/questions/10852/whats-the-difference-between-sbin-nologin-and-bin-false

https://superuser.com/questions/1183311/why-do-some-system-users-have-usr-bin-false-as-their-shell

 

This helps to prevent users from logging on system.

Sometimes you need a user account for a specific task. Nevertheless, no one should be able to interact with this account on the computer. These are on the one hand system user accounts, on the other hand this is account, for which FTP or POP3 access is possible, but just no direct shell login.

If you look more closely at the /etc/passwd file, you will find the /bin/false command as a login shell for many system accounts. Actually, false is not a shell, but a command that does nothing and then also ends with a status code that signals an error. The result is simple. The user logs in and immediately sees the login prompt again.

When /sbin/nologin is set as the shell, if user with that shell logs in, they'll get a polite message saying 'This account is currently not available.' This message can be changed with the file /etc/nologin.txt.

/bin/false is just a binary that immediately exits, returning false, when it's called, so when someone who has false as shell logs in, they're immediately logged out when false exits. Setting the shell to /bin/true has the same effect of not allowing someone to log in but false is probably used as a convention over true since it's much better at conveying the concept that person doesn't have a shell.

Looking at nologin's man page, it says it was created in 4.4 BSD (early 1990s) so it came long after false was created. The use of false as a shell is probably just a convention carried over from the early days of UNIX.

nologin is the more user-friendly option, with a customizable message given to the user trying to log in, so you would theoretically want to use that; but both nologin and false will have the same end result of someone not having a shell and not being able to ssh in.

Why do some system users have /usr/bin/false as their shell? What's the difference between /sbin/nologin and /bin/false的更多相关文章

  1. Linux useradd 与 adduser的区别, /sbin/nologin 与 /bin/bash

    摘自:https://blog.csdn.net/danson_yang/article/details/65629948 Linux useradd 与 adduser的区别, /sbin/nolo ...

  2. /sbin/nologin 和 /bin/false 的区别

    /bin/false是最严格的禁止login选项,一切服务都不能用,而/sbin/nologin只是不允许系统login,可以使用其他ftp等服务 如果想要用false在禁止login的同时允许ftp ...

  3. 拒绝用户登录:/bin/false和/usr/sbin/nologin

    要拒绝系统用户登录,可以将其shell设置为/usr/sbin/nologin或者/bin/false 1 # usermod -s | --shell /usr/sbin/nologin usern ...

  4. Linux用户管理之使用/bin/false和/usr/sbin/nologin拒绝用户登录及其功能分析(转)

    /bin/nologin,/bin/false的意思是禁止某个用户登录. 比较常用的用法: #添加一个不能登录的用户 useradd -d /usr/local/apache -g apache -s ...

  5. /bin/false 和 /usr/sbin/nologin

    比较常用的用法: #添加一个不能登录的用户 useradd -d /usr/local/apache -g apache -s /bin/false apache 要拒绝系统用户登录,可以将其shel ...

  6. 【转】WARNING! File system needs to be upgraded. You have version null and I want version 7. Run the '${HBASE_HOME}/bin/hbase migrate' script. 的解决办法

    前段时间集群出问题,hadoop和hbase启动不了了. 后来hadoop回复了,hbase死活master无法启动.打开日志发现报了以下错误: WARNING! File system needs ...

  7. System Error:/usr/lib64/libstdc++.so.6: version `GLIBCXX_3.4.15' not found

    System Error:/usr/lib64/libstdc++.so.6: version `GLIBCXX_3.4.15' not found 1.运行程序是,系统报错库文件libstdc++. ...

  8. /bin/false和/sbin/nologin的区别

    /bin/false是最严格的禁止login选项,一切服务都不能用./sbin/nologin只是不允许login系统 其中树莓派的/sbin/nologin文件在/usr/sbin/nologin小 ...

  9. 禁止用户登陆的 /bin/false和/sbin/nologin的区别

    1 区别 /bin/false是最严格的禁止login选项,一切服务都不能用. /sbin/nologin只是不允许login系统  小技巧: 查看 /etc/passwd文件,能看到各用户使用的sh ...

随机推荐

  1. (转)Linux下/etc/rc.local与/etc/init.d的区别与联系

    Linux下/etc/rc.local与/etc/init.d的区别与联系 2012-10-13 20:14:52|  分类: Linux学习|字号 订阅     1./etc/rc.local 这是 ...

  2. 基于swoole扩展实现真正的PHP数据库连接池

    转自:  http://rango.swoole.com/archives/265 PHP的数据库连接池一直以来都是一个难题,很多从PHP语言转向Java的项目,大多数原因都是因为Java有更好的连接 ...

  3. VirtualBox 配置虚拟网卡(桥接),实现主机-虚拟机网络互通

    记录下VirtualBox 配置虚拟网卡(桥接),实现主机-虚拟机网络互通过程,网上搜出来的比较乱,讲的不明不白,因此根据自己弄过一次,确认可行的方式,做个备份,方便日后查阅. 环境: 在Oracle ...

  4. php获取当月的第一天以及最后一天

    <?php header("Content-Type:text/html;charset=utf-8"); $date = date("Y-m-d H:i:s&qu ...

  5. Oracle查询优化--排序

    --普通排序 SELECT * FROM emp ORDER BY sal DESC; --使用列序排序 DESC; --组合排序 DESC; --translate函数,参数分别用A.B.C表示 S ...

  6. linux convert命令安装及使用

    linux下ImageMagick安装和使用 检查系统有无安装ImageMagick shell> rpm -qa | grep ImageMagick 没有就开始安装ImageMagick s ...

  7. html5引擎开发 -- 引擎消息中心和有限状态机 - 初步整理 一

    一 什么是有限状态机        FSM (finite-state machine),又称有限状态自动机,简称状态机,是表示有限个状态以及在这些状态之间的转移和动作等行为的数学模型.他对于逻辑以及 ...

  8. Cocos2d-x 3.0 Lua编程 之 响应Android手机的按键

    演示样例代码例如以下所看到的: local listenerKey= cc.EventListenerKeyboard:create() local function onKeyReleaseed(k ...

  9. cgitb--CGI跟踪模块(简化异常调试)

    通过启动cgitb模块,可以在web浏览器窗口查看详细的编码异常信息,而不必不停地跳转到web服务器的日志屏幕查看,更方便的定位问题: 异常解决后需关闭CGI跟踪. 在CGI脚本最前面增加如下两行,启 ...

  10. 使用keytool生成密钥对

    1.首先要用KeyTool工具来生成私匙库:(-alias别名 –validity 3650表示10年有效) keytool -genkey -alias privatekey -keystore p ...