bin/71786: adduser breaks if /sbin/nologin is included in
andrew.hayden at gmail.com
Wed Sep 15 23:40:21 PDT 2004
>Synopsis: adduser breaks if /sbin/nologin is included in /etc/shells
>Arrival-Date: Thu Sep 16 06:40:19 GMT 2004
>Originator: Andrew Hayden
FreeBSD server1.aexx.net 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE #0: Mon Feb 23 20:45:55 GMT 2004 root at wv1u.btc.adaptec.com:/usr/obj/usr/src/sys/GENERIC i386
I built & installed proftpd. I created a test user whose shell was set to '/sbin/nologin' by running adduser and specifying 'nologin' as the shell. Then, I tried to log in to proftpd and realized that since /etc/shells doesn't contain '/sbin/nologin', proftpd would not allow me to log in. So, I added '/sbin/nologin' to /etc/shells.
Now that I have done this, the adduser command is unable to add users whose shell is 'nologin'. It corrupts /etc/master.passwd and requires user intervention to repair (via vipw, then pwd_mkdb -p /etc/master.passwd).
It appears that adduser chokes when /sbin/nologin is present in /etc/shells.
Here is relevant output from a session...
****BEGIN CLIP ****
root at server1[~/scripts/management]# adduser
Uid (Leave empty for default):
Login group [test]:
Login group is test. Invite test into other groups? :
Login class [default]:
Shell (sh csh tcsh nologin bash false nologin) [sh]: nologin
Home directory [/home/test]:
Use password-based authentication? [yes]:
Use an empty password? (yes/no) [no]:
Use a random password? (yes/no) [no]: yes
Lock out the account after creation? [no]:
Username : test
Password : <random>
Full Name :
Uid : 1004
Groups : test
Home : /home/test
Shell : /sbin/nologin
Locked : no
OK? (yes/no): yes
pwd_mkdb: corrupted entry
pwd_mkdb: at line #26
pwd_mkdb: /etc/master.passwd: Inappropriate file type or format
pw: passwd file update: Inappropriate ioctl for device
adduser: ERROR: There was an error adding user (test).
Add another user? (yes/no): no
root at server1[~/scripts/management]# cat /etc/shells
# $FreeBSD: src/etc/shells,v 1.5 2000/04/27 21:58:46 ache Exp $
# List of acceptable shells for chpass(1).
# Ftpd will not allow users to connect who are not using
# one of these shells.
root at server1[~/scripts/management]# cat /etc/master.passwd
# $FreeBSD: src/etc/master.passwd,v 1.34 2003/04/27 05:45:29 imp Exp $
[[[ lots of stuff omitted for bug report, next line is line 23]]]
aexx:[omitted for bug report]:1003:1003::0:0:Aexx:/home/aexx:/sbin/nologin
**** END CLIP ****
1. Ensure that /etc/shells does not contain '/sbin/nologin'.
2. Create a user with 'adduser' whose shell is 'nologin'.
3. Delete that user.
4. Add '/sbin/nologin' to /etc/shells.
5. Repeat step 2 exactly as you did before.
6. Examine /etc/master.passwd with vipw and confirm corrupted entry.
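Added example (not part of the original report, and not FreeBSD's own code): a read-only sanity check for a master.passwd-format file, useful for locating the entry that pwd_mkdb rejects before opening vipw. The function names, the sample data and the particular checks are assumptions made for this example; it does not reproduce pwd_mkdb's exact validation.

```shell
#!/bin/sh
# Added example. master.passwd has 10 colon-separated fields (passwd(5)):
# name:password:uid:gid:class:change:expire:gecos:home_dir:shell

# check_master_passwd FILE
# Prints "line N: reason" for each suspicious entry; returns 1 if any found.
check_master_passwd() {
    awk -F: '
        /^#/ || /^$/ { next }    # skip comments and blank lines
        NF != 10 {
            printf "line %d: %d fields, expected 10\n", NR, NF
            bad = 1; next
        }
        $1 == "" { printf "line %d: empty login name\n", NR; bad = 1 }
        $3 !~ /^[0-9]+$/ || $4 !~ /^[0-9]+$/ {
            printf "line %d: non-numeric uid or gid\n", NR; bad = 1
        }
        $6 !~ /^[0-9]*$/ || $7 !~ /^[0-9]*$/ {
            printf "line %d: non-numeric change or expire time\n", NR; bad = 1
        }
        $10 != "" && $10 !~ /^\// {
            printf "line %d: shell is not an absolute path\n", NR; bad = 1
        }
        END { exit bad + 0 }
    ' "$1"
}

# make_sample FILE
# Writes constructed sample data: three well-formed entries followed by a
# stray fragment, one way an entry can end up malformed.
make_sample() {
    cat > "$1" <<'EOF'
# constructed sample, not taken from the report
root:*:0:0::0:0:Charlie &:/root:/bin/csh
aexx:*:1003:1003::0:0:Aexx:/home/aexx:/sbin/nologin
test:*:1004:1004::0:0::/home/test:/sbin/nologin
/sbin/nologin
EOF
}

sample=$(mktemp)
make_sample "$sample"
check_master_passwd "$sample" || echo "fix the lines above before running pwd_mkdb"
rm -f "$sample"
```

Run it against a copy of the file rather than the live one. On FreeBSD, pwd_mkdb -C performs the authoritative format check without modifying the databases.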