Now kimchi uses host system users to login.
In fedora most of system users are not allowed to login.
so we should filter
them.
but in ubuntu, it seems most system
user still can login. but their pw_shell are /bin/sh it is softlink
to /bin/bash
Now I'd like to just list the users who's pw_shell are /bin/bash
Not sure all distribution can works well by this way.
I have just checked fedora and ubuntu, seems it can works.
so any one can help check if any exception on your distribution?
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
avahi-autoipd:x:170:170:Avahi IPv4LL
Stack:/var/lib/avahi-autoipd:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:999:User for polkitd:/:/sbin/nologin
abrt:x:173:173::/etc/abrt:/sbin/nologin
usbmuxd:x:113:113:usbmuxd user:/:/sbin/nologin
colord:x:998:998:User for colord:/var/lib/colord:/sbin/nologin
rtkit:x:172:172:RealtimeKit:/proc:/sbin/nologin
geoclue:x:997:996:User for geoclue:/var/lib/geoclue:/sbin/nologin
chrony:x:996:995::/var/lib/chrony:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd
daemon:/dev/null:/sbin/nologin
unbound:x:995:994:Unbound DNS resolver:/etc/unbound:/sbin/nologin
openvpn:x:994:993:OpenVPN:/etc/openvpn:/sbin/nologin
avahi:x:70:70:Avahi mDNS/DNS-SD
Stack:/var/run/avahi-daemon:/sbin/nologin
pulse:x:993:991:PulseAudio System
Daemon:/var/run/pulse:/sbin/nologin
gdm:x:42:42::/var/lib/gdm:/sbin/nologin
gnome-initial-setup:x:992:989::/run/gnome-initial-setup/:/sbin/nologin
nm-openconnect:x:991:988:NetworkManager user for
OpenConnect:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
shhfeng:x:1000:1000:shhfeng:/home/shhfeng:/bin/bash
qemu:x:107:107:qemu user:/:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin
radvd:x:75:75:radvd user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS
User:/var/lib/nfs:/sbin/nologin
saslauth:x:990:76:"Saslauthd user":/run/saslauthd:/sbin/nologin
guest:x:1001:1001::/home/guest:/bin/bash
nginx:x:989:984:Nginx web server:/var/lib/nginx:/sbin/nologin
but in ubuntu, it seems most system user still can login.
but their pw_shell are /bin/sh it is softlink to /bin/bash
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System
(admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
syslog:x:101:103::/home/syslog:/bin/false
messagebus:x:102:105::/var/run/dbus:/bin/false
usbmux:x:103:46:usbmux daemon,,,:/home/usbmux:/bin/false
dnsmasq:x:104:65534:dnsmasq,,,:/var/lib/misc:/bin/false
avahi-autoipd:x:105:111:Avahi autoip
daemon,,,:/var/lib/avahi-autoipd:/bin/false
kernoops:x:106:65534:Kernel Oops Tracking Daemon,,,:/:/bin/false
rtkit:x:107:113:RealtimeKit,,,:/proc:/bin/false
whoopsie:x:108:114::/nonexistent:/bin/false
speech-dispatcher:x:109:29:Speech
Dispatcher,,,:/var/run/speech-dispatcher:/bin/sh
avahi:x:110:116:Avahi mDNS
daemon,,,:/var/run/avahi-daemon:/bin/false
lightdm:x:111:117:Light Display
Manager:/var/lib/lightdm:/bin/false
pulse:x:112:119:PulseAudio daemon,,,:/var/run/pulse:/bin/false
hplip:x:113:7:HPLIP system user,,,:/var/run/hplip:/bin/false
colord:x:114:122:colord colour management
daemon,,,:/var/lib/colord:/bin/false
saned:x:115:123::/home/saned:/bin/false
royce:x:1000:1000:royce,,,:/home/royce:/bin/bash
libvirt-qemu:x:116:126:Libvirt
Qemu,,,:/var/lib/libvirt:/bin/false
libvirt-dnsmasq:x:117:125:Libvirt
Dnsmasq,,,:/var/lib/libvirt/dnsmasq:/bin/false
statd:x:118:65534::/var/lib/nfs:/bin/false
sshd:x:119:65534::/var/run/sshd:/usr/sbin/nologi
--
Thanks and best regards!
Sheldon Feng(冯少合)<shaohef@linux.vnet.ibm.com>
IBM Linux Technology Center