rawhide container systemd-nspawn fedora 30 169.254.40.164 fe80::94aa:3aff:fe7b:d4b9
$ getent passwd vu-rawhide-0 vu-rawhide-81
-vu-rawhide-0:*:20119552:65534:vu-rawhide-0:/:/sbin/nologin
-vu-rawhide-81:*:20119633:65534:vu-rawhide-81:/:/sbin/nologin
+vu-rawhide-0:*:20119552:65534:vu-rawhide-0:/:/usr/sbin/nologin
+vu-rawhide-81:*:20119633:65534:vu-rawhide-81:/:/usr/sbin/nologin
$ getent group vg-rawhide-0 vg-rawhide-81
vg-rawhide-0:*:20119552:
<title>Shell</title>
<para>The login shell of the user. If not specified, this will be set to
- <filename>/sbin/nologin</filename>, except if the UID of the user is 0, in
+ <filename>/usr/sbin/nologin</filename>, except if the UID of the user is 0, in
which case <filename>/bin/sh</filename> will be used.</para>
<para>Only applies to lines of type <varname>u</varname> and should otherwise
be left unset (or <literal>-</literal>). It is recommended to omit this, unless
- a shell different <filename>/sbin/nologin</filename> must be used.</para>
+ a shell different <filename>/usr/sbin/nologin</filename> must be used.</para>
</refsect2>
</refsect1>
['umount', '/usr/bin/umount', 'UMOUNT_PATH'],
['loadkeys', '/usr/bin/loadkeys', 'KBD_LOADKEYS'],
['setfont', '/usr/bin/setfont', 'KBD_SETFONT'],
+ ['nologin', '/usr/sbin/nologin', ],
]
foreach prog : progs
path = get_option(prog[0] + '-path')
option('umount-path', type : 'string', description : 'path to umount')
option('loadkeys-path', type : 'string', description : 'path to loadkeys')
option('setfont-path', type : 'string', description : 'path to setfont')
+option('nologin-path', type : 'string', description : 'path to nologin')
option('debug-shell', type : 'string', value : '/bin/sh',
description : 'path to debug shell binary')
*home = FLAGS_SET(flags, USER_CREDS_CLEAN) ? NULL : "/";
if (shell)
- *shell = FLAGS_SET(flags, USER_CREDS_CLEAN) ? NULL : "/sbin/nologin";
+ *shell = FLAGS_SET(flags, USER_CREDS_CLEAN) ? NULL : NOLOGIN;
return 0;
}
}
if (synthesize_nobody() &&
u == UID_NOBODY) {
- s = strdup("/sbin/nologin");
+ s = strdup(NOLOGIN);
if (!s)
return -ENOMEM;
pwd->pw_gecos = buffer;
pwd->pw_passwd = (char*) "*"; /* locked */
pwd->pw_dir = (char*) "/";
- pwd->pw_shell = (char*) "/sbin/nologin";
+ pwd->pw_shell = (char*) NOLOGIN;
return NSS_STATUS_SUCCESS;
pwd->pw_gecos = buffer;
pwd->pw_passwd = (char*) "*"; /* locked */
pwd->pw_dir = (char*) "/";
- pwd->pw_shell = (char*) "/sbin/nologin";
+ pwd->pw_shell = (char*) NOLOGIN;
return NSS_STATUS_SUCCESS;
#define DYNAMIC_USER_GECOS "Dynamic User"
#define DYNAMIC_USER_PASSWD "*" /* locked */
#define DYNAMIC_USER_DIR "/"
-#define DYNAMIC_USER_SHELL "/sbin/nologin"
+#define DYNAMIC_USER_SHELL NOLOGIN
static const struct passwd root_passwd = {
.pw_name = (char*) "root",
.pw_gid = GID_NOBODY,
.pw_gecos = (char*) "User Nobody",
.pw_dir = (char*) "/",
- .pw_shell = (char*) "/sbin/nologin",
+ .pw_shell = (char*) NOLOGIN,
};
static const struct group root_group = {
}
static const char* default_shell(uid_t uid) {
- return uid == 0 ? "/bin/sh" : "/sbin/nologin";
+ return uid == 0 ? "/bin/sh" : NOLOGIN;
}
static int write_temporary_passwd(const char *passwd_path, FILE **tmpfile, char **tmpfile_path) {
test_get_user_creds_one("root", "root", 0, 0, "/root", "/bin/sh");
test_get_user_creds_one("0", "root", 0, 0, "/root", "/bin/sh");
- test_get_user_creds_one(NOBODY_USER_NAME, NOBODY_USER_NAME, UID_NOBODY, GID_NOBODY, "/", "/sbin/nologin");
- test_get_user_creds_one("65534", NOBODY_USER_NAME, UID_NOBODY, GID_NOBODY, "/", "/sbin/nologin");
+ test_get_user_creds_one(NOBODY_USER_NAME, NOBODY_USER_NAME, UID_NOBODY, GID_NOBODY, "/", NOLOGIN);
+ test_get_user_creds_one("65534", NOBODY_USER_NAME, UID_NOBODY, GID_NOBODY, "/", NOLOGIN);
test_get_group_creds_one("root", "root", 0);
test_get_group_creds_one("0", "root", 0);
-u1:x:222:222::/:/sbin/nologin
+u1:x:222:222::/:NOLOGIN
-u1:x:300:300::/:/sbin/nologin
-u2:x:SYSTEM_UID_MAX:SYSTEM_UID_MAX::/:/sbin/nologin
+u1:x:300:300::/:NOLOGIN
+u2:x:SYSTEM_UID_MAX:SYSTEM_UID_MAX::/:NOLOGIN
systemd-network:x:492:492:Systemd Network Management:/:/usr/sbin/nologin
systemd-resolve:x:491:491:Systemd Resolver:/:/usr/sbin/nologin
systemd-timesync:x:493:493:Systemd Time Synchronization:/:/usr/sbin/nologin
-u1:x:222:222::/:/sbin/nologin
+u1:x:222:222::/:NOLOGIN
+::::::
root:x:0:0:root:/root:/bin/bash
-systemd-coredump:x:1:1:systemd Core Dumper:/:/sbin/nologin
+systemd-coredump:x:1:1:systemd Core Dumper:/:NOLOGIN
-u1:x:SYSTEM_UID_MAX:SYSTEM_UID_MAX:some gecos:/random/dir:/sbin/nologin
+u1:x:SYSTEM_UID_MAX:SYSTEM_UID_MAX:some gecos:/random/dir:NOLOGIN
u2:x:777:777:some gecos:/random/dir:/bin/zsh
u3:x:778:778::/random/dir2:/bin/bash
u4:x:779:779::/:/bin/csh
-foo:x:301:301::/:/sbin/nologin
-aaa:x:303:302::/:/sbin/nologin
-bbb:x:304:302::/:/sbin/nologin
-ccc:x:305:305::/:/sbin/nologin
+foo:x:301:301::/:NOLOGIN
+aaa:x:303:302::/:NOLOGIN
+bbb:x:304:302::/:NOLOGIN
+ccc:x:305:305::/:NOLOGIN
-yyy:x:311:310::/:/sbin/nologin
-xxx:x:312:310::/:/sbin/nologin
+yyy:x:311:310::/:NOLOGIN
+xxx:x:312:310::/:NOLOGIN
root:x:0:0::/root:/bin/sh
-daemon:x:1:1::/usr/sbin:/sbin/nologin
-bin:x:2:2::/bin:/sbin/nologin
-sys:x:3:3::/dev:/sbin/nologin
-sync:x:4:65534::/bin:/sbin/nologin
-games:x:5:60::/usr/games:/sbin/nologin
-man:x:6:12::/var/cache/man:/sbin/nologin
-lp:x:7:7::/var/spool/lpd:/sbin/nologin
-mail:x:8:8::/var/mail:/sbin/nologin
-news:x:9:9::/var/spool/news:/sbin/nologin
-uucp:x:10:10::/var/spool/uucp:/sbin/nologin
-proxy:x:13:13::/bin:/sbin/nologin
-www-data:x:33:33::/var/www:/sbin/nologin
-backup:x:34:34::/var/backups:/sbin/nologin
-list:x:38:38::/var/list:/sbin/nologin
-irc:x:39:39::/var/run/ircd:/sbin/nologin
-gnats:x:41:41::/var/lib/gnats:/sbin/nologin
-nobody:x:65534:65534::/nonexistent:/sbin/nologin
+daemon:x:1:1::/usr/sbin:NOLOGIN
+bin:x:2:2::/bin:NOLOGIN
+sys:x:3:3::/dev:NOLOGIN
+sync:x:4:65534::/bin:NOLOGIN
+games:x:5:60::/usr/games:NOLOGIN
+man:x:6:12::/var/cache/man:NOLOGIN
+lp:x:7:7::/var/spool/lpd:NOLOGIN
+mail:x:8:8::/var/mail:NOLOGIN
+news:x:9:9::/var/spool/news:NOLOGIN
+uucp:x:10:10::/var/spool/uucp:NOLOGIN
+proxy:x:13:13::/bin:NOLOGIN
+www-data:x:33:33::/var/www:NOLOGIN
+backup:x:34:34::/var/backups:NOLOGIN
+list:x:38:38::/var/list:NOLOGIN
+irc:x:39:39::/var/run/ircd:NOLOGIN
+gnats:x:41:41::/var/lib/gnats:NOLOGIN
+nobody:x:65534:65534::/nonexistent:NOLOGIN
-u1:x:SYSTEM_UID_MAX:SYSTEM_UID_MAX::/:/sbin/nologin
+u1:x:SYSTEM_UID_MAX:SYSTEM_UID_MAX::/:NOLOGIN
-bin:x:1:1::/:/sbin/nologin
-daemon:x:2:2::/:/sbin/nologin
-mail:x:8:12::/var/spool/mail:/sbin/nologin
-ftp:x:14:11::/srv/ftp:/sbin/nologin
-http:x:33:33::/srv/http:/sbin/nologin
+bin:x:1:1::/:NOLOGIN
+daemon:x:2:2::/:NOLOGIN
+mail:x:8:12::/var/spool/mail:NOLOGIN
+ftp:x:14:11::/srv/ftp:NOLOGIN
+http:x:33:33::/srv/http:NOLOGIN
-username:x:SYSTEM_UID_MAX:300::/:/sbin/nologin
+username:x:SYSTEM_UID_MAX:300::/:NOLOGIN
-user1:x:300:300::/:/sbin/nologin
-user2:x:SYSTEM_UID_MAX:300::/:/sbin/nologin
+user1:x:300:300::/:NOLOGIN
+user2:x:SYSTEM_UID_MAX:300::/:NOLOGIN
# get this value from config.h, however the autopkgtest fails with
# it
SYSTEM_UID_MAX=$(awk 'BEGIN { uid=999 } /^\s*SYS_UID_MAX\s+/ { uid=$2 } END { print uid }' /etc/login.defs)
- sed "s/SYSTEM_UID_MAX/${SYSTEM_UID_MAX}/g" "$in"
+
+ # we can't rely on config.h to get the nologin path, as autopkgtest
+ # uses pre-compiled binaries, so extract it from the systemd-sysusers
+ # binary which we are about to execute
+ NOLOGIN=$(strings $(type -p systemd-sysusers) | grep nologin)
+
+ sed -e "s/SYSTEM_UID_MAX/${SYSTEM_UID_MAX}/g" \
+ -e "s#NOLOGIN#${NOLOGIN}#g" "$in"
}
compare() {
projects / thirdparty / systemd.git / commitdiff
