OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Q Yai QQ (rikimaiser.unila.ac.id)
Date: Tue Feb 27 2001 - 23:49:54 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    hai guys,...
    i try to do chpass user's shell,...
    to change his shell to /sbin/nologin

    it work,...

    but,.when i get access via ftp,....

    the server not allow me,...just for a second i get in,.. then,. disconnect
    very fast,...

    what's wrong,...

    thank's for u'r respon,.

    On Wed, 28 Feb 2001, Carroll Kong wrote:

    > At 05:47 AM 2/28/01 +0100, Roelof Osinga wrote:
    > >Rob Simmons wrote:
    > > >
    > > > /sbin/nologin as the user's shell. You also have to add this shell to
    > > > /etc/shells
    > >
    > >Alas, no.
    > >
    > >Not on 4.2 anyway. Just today - ok, technically yesterday, but who's
    > >counting? - I realized that the client was right after all. He could
    > >not log in indeed. Due to /sbin/nologin.
    > >
    > >When using regular ftpd. Using ProFTPd no problem.
    > >
    > >Ah, as a matter of fact, I was using inetd. Haven't tried
    > >daemon mode with 4.2 yet. Who knows? There might be hope, still.
    > >
    > >Roelof
    >
    > That is odd. The reason why ftpd does not work is because........ man ftpd
    > shows
    >
    > 4. The user must have a standard shell returned by
    > getusershell(3).
    >
    > So, man getusershell shows
    >
    > The getusershell() function returns a pointer to a legal user shell as
    > defined by the system manager in the file /etc/shells. If /etc/shells is
    > unreadable or does not exist, getusershell() behaves as if /bin/sh and
    > /bin/csh were listed in the file.
    >
    > This is very odd, unless I am forgetting something I did, I JUST
    > did this with a client two days ago on 4.2-STABLE. Telnet results in "not
    > authorized" or something like that, and ftpd lets them in happily. Same
    > user name and all. Please look it over, I am outright positive it
    > works! (ok, maybe 99.99999% sure). What is the error message? User
    > denied? Check man ftpd for that list of "reasons why ftpd would tell your
    > user to go away".
    >
    > -Carroll Kong
    >
    >
    > To Unsubscribe: send mail to majordomoFreeBSD.org
    > with "unsubscribe freebsd-security" in the body of the message
    >

    >>>>>>>>>>>>>>>>>*****<<<<<<<<<<<<<<<<<
    rikiunila.ac.id
    visit my homepage and sign my guestbook
    http://unilanet.unila.ac.id/~qq
    ---------------------------------------
    ---------------------------------------
                       &
                    __& &__
                   // \\

    To Unsubscribe: send mail to majordomoFreeBSD.org
    with "unsubscribe freebsd-security" in the body of the message