From are@communique.no  Sun May 24 07:18:21 1998
Received: from david.communique.no (ppp083.uio.no [129.240.240.88])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id HAA22318
          for <FreeBSD-gnats-submit@freebsd.org>; Sun, 24 May 1998 07:18:16 -0700 (PDT)
          (envelope-from are@communique.no)
Received: (qmail 5380 invoked by uid 1001); 24 May 1998 00:13:35 -0000
Message-Id: <19980524001335.5379.qmail@david.communique.no>
Date: 24 May 1998 00:13:35 -0000
From: are.bryne@communique.no
To: FreeBSD-gnats-submit@freebsd.org
Subject: Proposing a change to default '/nonexistent' passwd shell entry
X-Send-Pr-Version: 3.2

>Number:         6739
>Category:       conf
>Synopsis:       Proposing a change to default '/nonexistent' passwd shell entry
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    steve
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sun May 24 07:20:00 PDT 1998
>Closed-Date:    Thu Jun 4 15:38:18 PDT 1998
>Last-Modified:  Thu Jun  4 15:39:02 PDT 1998
>Originator:     Are Bryne
>Release:        FreeBSD 2.2.6-STABLE i386
>Organization:
Communique DA
>Environment:

	FreeBSD 2.2-STABLE

>Description:

In an e-mail message Mike Smith <mike@smith.net.au> writes:
> It would (perhaps) be worthwhile adding some verbiage to the 
> description of the shell field to make it clearer that setting it to 
> refer to /sbin/nologin is the preferred technique for preventing a user 
> having any access to the system.  The current text assumes that the 
> reader already possesses this knowledge.

I ask him:
> Then perhaps the default /nonexistent 'shell' for various password file
> entries should be changed also?

The response is:
> It would probably make sense to have /sbin/nologin the default shell
> for those accounts, yes.

>How-To-Repeat:


>Fix:
	
Change all the /nonexistent entries in master.passwd to /sbin/nologin.
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->steve 
Responsible-Changed-By: steve 
Responsible-Changed-When: Sun May 24 20:22:31 PDT 1998 
Responsible-Changed-Why:  
I will merge this into -stable from -current after its appropriate 
gestation period. 
State-Changed-From-To: open->closed 
State-Changed-By: steve 
State-Changed-When: Thu Jun 4 15:38:18 PDT 1998 
State-Changed-Why:  
Committed to both -current and -stable.  Thanks! 
>Unformatted:
