Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use nologin for service user #327

Merged
merged 2 commits into from
Jun 10, 2016
Merged

Conversation

kingpong
Copy link

@kingpong kingpong commented Jun 4, 2016

Since the service user shouldn't be logging in with an interactive shell, set the shell to /sbin/nologin.

Since the service user shouldn't be logging in with an interactive shell, set
the shell to /sbin/nologin.
@Ginja
Copy link
Contributor

Ginja commented Jun 8, 2016

Could you add a not_if guard for this?. Someone may need/want to run Consul as root, and they probably don't want to change the shell for their root user.

Create a user with /sbin/nologin only if the user isn't root.
@kingpong
Copy link
Author

@Ginja Sure thing. PR amended.

@johnbellone johnbellone merged commit 19d47fc into sous-chefs:master Jun 10, 2016
@johnbellone
Copy link
Contributor

Hm, I probably should have thought a little about this prior to merging, any implications on BSD/Solaris?

@kingpong
Copy link
Author

Not sure about Solaris. I was unable to get test kitchen to run successfully on FreeBSD (see this gist) but I did verify that FreeBSD supports nologin:

$ /sbin/nologin
This account is currently not available.

@lock
Copy link

lock bot commented Apr 25, 2020

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Apr 25, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants