https://www.quora.com/How-can-bin-true-and-bin-false-Linux-utilities-be-used

MySQL :: MySQL 8.0 Reference Manual :: 2.9.2 Installing MySQL Using a Standard Source Distribution https://dev.mysql.com/doc/refman/8.0/en/installing-source-distribution.html

# Preconfiguration setup shell> groupadd mysql shell> useradd -r -g mysql -s /bin/false mysql

shell - What's the difference between /sbin/nologin and /bin/false - Unix & Linux Stack Exchange https://unix.stackexchange.com/questions/10852/whats-the-difference-between-sbin-nologin-and-bin-false

https://superuser.com/questions/1183311/why-do-some-system-users-have-usr-bin-false-as-their-shell

 

This helps to prevent users from logging on system.

Sometimes you need a user account for a specific task. Nevertheless, no one should be able to interact with this account on the computer. These are on the one hand system user accounts, on the other hand this is account, for which FTP or POP3 access is possible, but just no direct shell login.

If you look more closely at the /etc/passwd file, you will find the /bin/false command as a login shell for many system accounts. Actually, false is not a shell, but a command that does nothing and then also ends with a status code that signals an error. The result is simple. The user logs in and immediately sees the login prompt again.

When /sbin/nologin is set as the shell, if user with that shell logs in, they'll get a polite message saying 'This account is currently not available.' This message can be changed with the file /etc/nologin.txt.

/bin/false is just a binary that immediately exits, returning false, when it's called, so when someone who has false as shell logs in, they're immediately logged out when false exits. Setting the shell to /bin/true has the same effect of not allowing someone to log in but false is probably used as a convention over true since it's much better at conveying the concept that person doesn't have a shell.

Looking at nologin's man page, it says it was created in 4.4 BSD (early 1990s) so it came long after false was created. The use of false as a shell is probably just a convention carried over from the early days of UNIX.

nologin is the more user-friendly option, with a customizable message given to the user trying to log in, so you would theoretically want to use that; but both nologin and false will have the same end result of someone not having a shell and not being able to ssh in.

Why do some system users have /usr/bin/false as their shell? What's the difference between /sbin/nologin and /bin/false的更多相关文章

  1. Linux useradd 与 adduser的区别, /sbin/nologin 与 /bin/bash

    摘自:https://blog.csdn.net/danson_yang/article/details/65629948 Linux useradd 与 adduser的区别, /sbin/nolo ...

  2. /sbin/nologin 和 /bin/false 的区别

    /bin/false是最严格的禁止login选项,一切服务都不能用,而/sbin/nologin只是不允许系统login,可以使用其他ftp等服务 如果想要用false在禁止login的同时允许ftp ...

  3. 拒绝用户登录:/bin/false和/usr/sbin/nologin

    要拒绝系统用户登录,可以将其shell设置为/usr/sbin/nologin或者/bin/false 1 # usermod -s | --shell /usr/sbin/nologin usern ...

  4. Linux用户管理之使用/bin/false和/usr/sbin/nologin拒绝用户登录及其功能分析(转)

    /bin/nologin,/bin/false的意思是禁止某个用户登录. 比较常用的用法: #添加一个不能登录的用户 useradd -d /usr/local/apache -g apache -s ...

  5. /bin/false 和 /usr/sbin/nologin

    比较常用的用法: #添加一个不能登录的用户 useradd -d /usr/local/apache -g apache -s /bin/false apache 要拒绝系统用户登录,可以将其shel ...

  6. 【转】WARNING! File system needs to be upgraded. You have version null and I want version 7. Run the '${HBASE_HOME}/bin/hbase migrate' script. 的解决办法

    前段时间集群出问题,hadoop和hbase启动不了了. 后来hadoop回复了,hbase死活master无法启动.打开日志发现报了以下错误: WARNING! File system needs ...

  7. System Error:/usr/lib64/libstdc++.so.6: version `GLIBCXX_3.4.15' not found

    System Error:/usr/lib64/libstdc++.so.6: version `GLIBCXX_3.4.15' not found 1.运行程序是,系统报错库文件libstdc++. ...

  8. /bin/false和/sbin/nologin的区别

    /bin/false是最严格的禁止login选项,一切服务都不能用./sbin/nologin只是不允许login系统 其中树莓派的/sbin/nologin文件在/usr/sbin/nologin小 ...

  9. 禁止用户登陆的 /bin/false和/sbin/nologin的区别

    1 区别 /bin/false是最严格的禁止login选项,一切服务都不能用. /sbin/nologin只是不允许login系统  小技巧: 查看 /etc/passwd文件,能看到各用户使用的sh ...

随机推荐

  1. 说说自己对hibernate一级、二级、查询、缓存的理解。

    说说自己对hibernate一级.二级.查询.缓存的理解. 2016-03-14 21:36 421人阅读 评论(0) 收藏 举报  分类: web开发(19)  版权声明:本文为博主原创文章,未经博 ...

  2. linux -- ubuntu 安装apache后,修改默认路径

    默认由apt方式安装的Apache,指定网页主目录位于:/var/www 而系统/var所分到的空间太少,所以要换路径 1.修改默认网站目录 ubuntu8.10下修改apache2的默认文档目录 默 ...

  3. 4 kafka集群部署及kafka生产者java客户端编程 + kafka消费者java客户端编程

    本博文的主要内容有   kafka的单机模式部署 kafka的分布式模式部署 生产者java客户端编程 消费者java客户端编程 运行kafka ,需要依赖 zookeeper,你可以使用已有的 zo ...

  4. Android Bigmap的操作(绘制,裁剪)

    绘制 依据某一种颜色绘制Bitmap Bitmap resultBitmap = Bitmap.createBitmap(600,800,Bitmap.Config.ARGB_8888); resul ...

  5. [ACM] poj 2017 Speed Limit

    Speed Limit Time Limit: 1000MS   Memory Limit: 30000K Total Submissions: 17030   Accepted: 11950 Des ...

  6. SQLServer------插入数据时出现IDENTITY_INSERT错误

    详细错误信息: 当 IDENTITY_INSERT 设置为 OFF 时,不能为表 'Student' 中的标识列插入显式值. 原因: 表中存在某个字段是自动增长的标识符 解决方法: set IDENT ...

  7. Java精选笔记_Java入门

    Java概述 什么是Java 是一种可以撰写跨平台应用软件的面向对象的程序设计语言 JavaSE标准版 是为开发普通桌面和商务应用程序提供的解决方案 JavaEE企业版 是为开发企业级应用程序提供的解 ...

  8. 转的:burp suite小例子

    Web安全测试时经常会遇到一些蹩脚的注射点,而因各种原因利用注射又无法获取网站管理账号或拥有网站管理权限却迟迟不能upload一个shell的时候,可能会权衡一下web权限与数据库信息,哪个是我们所需 ...

  9. 安全日志:/var/log/secure

    /var/log/secure 一般用来记录安全相关的信息,记录最多的是哪些用户登录服务器的相关日志,如果该文件很大,说明有人在破解你的 root 密码 [root@localhost ~]$ tai ...

  10. with revoked permission android.permission.CAMERA

    1,刚出现这样的问题我是直接把 CAMERA 移除掉 2.第一步判断时候授权. if (Build.VERSION.SDK_INT >= 23) { int checkCallPhonePerm ...