/etc/passwd security

To disable unwanted users from logging into a shell I edit the /etc/passwd file and change their login to /sbin/nologin. Is there a purpose for the following users to have the following shells as opposed to /sbin/nologin?:

mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
iworx:x:100:101:mysql-iworx:/home/interworx:/bin/bash
vpopmail:x:108:104:vpopmail:/home/vpopmail:/bin/true
clamav:x:109:105:Clam AntiVirus:/home/clamav:/bin/false
proftpd:x:110:106:proftpd:/tmp:/bin/true
dnscache:x:111:111:djbdns:/var/djbdns:/bin/true
dnslog:x:112:112:djbdns:/var/djbdns:/bin/true
tinydns:x:113:113:djbdns:/var/djbdns:/bin/true
simscan:x:319:319::/home/simscan:/bin/false

Just curious :confused:

Hi Lightfoot,

The /bin/true and /bin/false shells basically do the same thing as /sbin/nologin, without printing any message about the account being unavailable. Those are what they are just because that was the default setting for those packages when they were installed; if you want to change them, it shouldn’t hurt anything.

I’m not sure if the MySQL user needs a valid shell to function or not off the top of my head, but again that’s just the default installation setting.

I’m pretty sure you can change the iworx user’s shell to nologin and there won’t be any adverse effects (unless, for some reason, you want to log in as that user of course).

Hope that helps a little,

Paul
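
An added example, not part of the original thread: a shell function that lists service accounts in passwd-format input that still have an interactive shell, treating /sbin/nologin, /bin/false and /bin/true as non-interactive as described above. The function names, the UID cutoff of 499 and the extra sample lines (root, svcdemo, alice) are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): audit passwd-format input for service
# accounts that still have an interactive login shell.

# Shells treated as non-interactive, matching the ones discussed in the thread.
NOLOGIN_SHELLS="/sbin/nologin /usr/sbin/nologin /bin/false /bin/true"

# audit_shells [UID_MAX] < passwd-file
# Prints "user uid shell" for each non-root account with UID <= UID_MAX whose
# shell is not in NOLOGIN_SHELLS. UID_MAX defaults to 499 (assumption: regular
# users start at 500 here; compare UID_MIN in /etc/login.defs).
audit_shells() {
    awk -F: -v max="${1:-499}" -v deny="$NOLOGIN_SHELLS" '
        BEGIN { n = split(deny, a, " "); for (i = 1; i <= n; i++) nologin[a[i]] = 1 }
        /^#/ || NF != 7 { next }            # skip comments, blank and malformed lines
        $3 == 0 || $3 > max { next }        # skip root and regular user accounts
        {
            shell = ($7 == "") ? "/bin/sh" : $7   # an empty shell field means /bin/sh
            if (!(shell in nologin)) print $1, $3, shell
        }
    '
}

# Sample input: entries quoted in the question, plus three constructed lines
# (root, svcdemo with an empty shell field, alice as a regular user).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
iworx:x:100:101:mysql-iworx:/home/interworx:/bin/bash
vpopmail:x:108:104:vpopmail:/home/vpopmail:/bin/true
clamav:x:109:105:Clam AntiVirus:/home/clamav:/bin/false
simscan:x:319:319::/home/simscan:/bin/false
svcdemo:x:120:120::/var/empty:
alice:x:500:500::/home/alice:/bin/bash
EOF
}

# On a real host: audit_shells < /etc/passwd
sample_passwd | audit_shells
```

Before changing a flagged account, check whether anything runs commands as that user through su, since su starts the account's shell from /etc/passwd by default.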

Ok thanks Paul. The only thing I’ve noticed so far is that the /var/lib/mysql directory and files are mainly -rw-rw---- 1 mysql mysql. I guess I could put root in the mysql group if I needed to.