bin/71786: adduser breaks if /sbin/nologin is included in /etc/shells

Andrew Hayden andrew.hayden at
Wed Sep 15 23:40:21 PDT 2004

>Number:         71786
>Category:       bin
>Synopsis:       adduser breaks if /sbin/nologin is included in /etc/shells
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Sep 16 06:40:19 GMT 2004
>Originator:     Andrew Hayden
>Release:        5.2.1
FreeBSD 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE #0: Mon Feb 23 20:45:55 GMT 2004 root at  i386

I built & installed proftpd.  I created a test user whose shell was set to '/sbin/nologin' by running adduser and specifying 'nologin' as the shell.  Then, I tried to log in to proftpd and realized that since /etc/shells doesn't contain '/sbin/nologin', proftpd would not allow me to log in.  So, I added '/sbin/nologin' to /etc/shells.

Now that I have done this, the adduser command is unable to add users whose shell is 'nologin'.  It corrupts /etc/master.passwd and requires user intervention to repair (via vipw, then pwd_mkdb -p /etc/master.passwd).

It appears that adduser chokes when /sbin/nologin is present in /etc/shells.

Here is relevant output from a session...

****BEGIN CLIP ****
root at server1[~/scripts/management]# adduser
Username: test
Full name:
Uid (Leave empty for default):
Login group [test]:
Login group is test. Invite test into other groups? []:
Login class [default]:
Shell (sh csh tcsh nologin bash false nologin) [sh]: nologin
Home directory [/home/test]:
Use password-based authentication? [yes]:
Use an empty password? (yes/no) [no]:
Use a random password? (yes/no) [no]: yes
Lock out the account after creation? [no]:
Username   : test
Password   : <random>
Full Name  :
Uid        : 1004
Class      :
Groups     : test
Home       : /home/test
Shell      : /sbin/nologin
Locked     : no
OK? (yes/no): yes
pwd_mkdb: corrupted entry
pwd_mkdb: at line #26
pwd_mkdb: /etc/master.passwd: Inappropriate file type or format
pw: passwd file update: Inappropriate ioctl for device
adduser: ERROR: There was an error adding user (test).
Add another user? (yes/no): no

root at server1[~/scripts/management]# cat /etc/shells
# $FreeBSD: src/etc/shells,v 1.5 2000/04/27 21:58:46 ache Exp $
# List of acceptable shells for chpass(1).
# Ftpd will not allow users to connect who are not using
# one of these shells.


root at server1[~/scripts/management]# cat /etc/master.passwd
# $FreeBSD: src/etc/master.passwd,v 1.34 2003/04/27 05:45:29 imp Exp $
[[[ lots of stuff omitted for bug report, next line is line 23]]]
aexx:[omitted for bug report]:1003:1003::0:0:Aexx:/home/aexx:/sbin/nologin

test:$1$1k7RDJ9C$fqwDyAI8dBzN63sSi7Ly..:1004:1004::0:0:User &:/home/test:/sbin/nologin
**** END CLIP ****

1. Ensure that /etc/shells does not contain '/sbin/nologin'.
2. Create a user with 'adduser' whose shell is 'nologin'.
3. Delete that user.
4. Add '/sbin/nologin' to /etc/shells.
5. Repeat step 2 exactly as you did before.
6. Examine /etc/master.passwd with vipw and confirm corrupted entry.
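
Step 6 can be scripted. The following is an added example, not part of the original report and not FreeBSD's own code: it lints a copy of a master.passwd-format file and checks whether /etc/shells lists /sbin/nologin. The function names and the sample file are constructed; the 10-field layout is taken from master.passwd(5), and treating a blank line as suspect is an assumption based on the clip, which shows one directly before the entry pwd_mkdb rejected.

```sh
#!/bin/sh
# Added example (not from the report): lint a master.passwd-format file.
# Assumed layout, per master.passwd(5), 10 colon-separated fields:
#   name:password:uid:gid:class:change:expire:gecos:home_dir:shell

# check_master_passwd FILE
# Prints "LINE: reason" per suspect line; returns 1 if any were found.
check_master_passwd() {
    awk -F: '
        /^[ \t]*#/ { next }    # comment line, skipped
        /^[ \t]*$/ { print NR ": blank line"; bad = 1; next }
        NF != 10   { print NR ": expected 10 fields, got " NF; bad = 1; next }
        $1 == ""   { print NR ": empty login name"; bad = 1; next }
        $3 !~ /^[0-9]+$/ || $4 !~ /^[0-9]+$/ {
            print NR ": non-numeric uid or gid"; bad = 1; next
        }
        seen[$1]++ { print NR ": duplicate login " $1; bad = 1 }
        END { exit bad + 0 }
    ' "$1"
}

# shells_has_nologin FILE
# Returns 0 if a shells(5)-format file lists /sbin/nologin (the condition
# set up in step 4), non-zero otherwise.
shells_has_nologin() {
    grep -q '^[[:space:]]*/sbin/nologin[[:space:]]*$' "$1"
}

# Constructed sample shaped like the clip: a blank line before the new entry.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample, not a real password file
aexx:*:1003:1003::0:0:Aexx:/home/aexx:/sbin/nologin

test:*:1004:1004::0:0:User &:/home/test:/sbin/nologin
EOF
check_master_passwd "$sample" || echo "do not run pwd_mkdb on this file yet"
rm -f "$sample"
```

Run it against a copy of the file rather than the live /etc/master.passwd.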
