Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

nologin(8) [minix man page]

NOLOGIN(8)						    System Management Commands							NOLOGIN(8)

NAME
nologin - politely refuse a login SYNOPSIS
nologin DESCRIPTION
The nologin command displays a message that an account is not available and exits non-zero. It is intended as a replacement shell field for accounts that have been disabled. To disable all logins, investigate nologin(5). SEE ALSO
login(1), nologin(5). HISTORY
The nologin command appeared in BSD 4.4. shadow-utils 4.5 01/25/2018 NOLOGIN(8)

Check Out this Related Man Page

PAM_NOLOGIN(8)							 Linux-PAM Manual						    PAM_NOLOGIN(8)

NAME
pam_nologin - Prevent non-root users from login SYNOPSIS
pam_nologin.so [file=/path/nologin] [successok] DESCRIPTION
pam_nologin is a PAM module that prevents users from logging into the system when /var/run/nologin or /etc/nologin exists. The contents of the file are displayed to the user. The pam_nologin module has no effect on the root user's ability to log in. OPTIONS
file=/path/nologin Use this file instead the default /var/run/nologin or /etc/nologin. successok Return PAM_SUCCESS if no file exists, the default is PAM_IGNORE. MODULE TYPES PROVIDED
The auth and acct module types are provided. RETURN VALUES
PAM_AUTH_ERR The user is not root and /etc/nologin exists, so the user is not permitted to log in. PAM_BUF_ERR Memory buffer error. PAM_IGNORE This is the default return value. PAM_SUCCESS Success: either the user is root or the nologin file does not exist. PAM_USER_UNKNOWN User not known to the underlying authentication module. EXAMPLES
The suggested usage for /etc/pam.d/login is: auth required pam_nologin.so NOTES
In order to make this module effective, all login methods should be secured by it. It should be used as a required method listed before any sufficient methods in order to get standard Unix nologin semantics. Note, the use of successok module argument causes the module to return PAM_SUCCESS and as such would break such a configuration - failing sufficient modules would lead to a successful login because the nologin module succeeded. SEE ALSO
nologin(5), pam.conf(5), pam.d(5), pam(8) AUTHOR
pam_nologin was written by Michael K. Johnson <johnsonm@redhat.com>. Linux-PAM Manual 09/19/2013 PAM_NOLOGIN(8)
Man Page

6 More Discussions You Might Find Interesting

1. Solaris

nologin shell on Solaris?

I'm setting up a Solaris 10 box to run Lawson application, which needs users to have Unix acounts, but the users will not be using interactive shell. To make it more secure, I'd rather not give them a valid shell. I know there's a trick by putting /noshell in the /etc/passwd file, but the problem... (2 Replies)
Discussion started by: GKnight
2 Replies

2. AIX

aix nologin shell

is the nologin shell available in AIX 5.2? I am familiar with the nologin shell in linux and restricting shell access but still allowing ftp etc. Can this be done in AIX? I have not been able to locate any documentation. Thanks in advance (5 Replies)
Discussion started by: zuessh
5 Replies

3. Shell Programming and Scripting

Need help regarding user with nologin

Hi, Need one clarification.. If suppose, I have disabled the login to a particular user XXX, but not deleted the user. So the scripts which must be executed using the user XXX can still be executed using that user or is it not possible..? In our tasks, we are disabling the user XXX, and after... (1 Reply)
Discussion started by: Dpu
1 Replies

4. UNIX for Dummies Questions & Answers

SSH with a nologin account

Is it possible to SSH with an account that has its shell set to /sbin/nologin? The reason I ask is because I am running an instance of nagios where I need to use SSH keys to run a check, but I am getting connect errors in Nagios. Also, what is the risk I run into if I just simply change my... (2 Replies)
Discussion started by: streetfighter2
2 Replies

5. Solaris

Is there a difference between setting a user as nologin and setting it as a role?

Trying to figure out the best method of security for oracle user accounts. In Solaris 10 they are set as regular users but have nologin set forcing the dev's to login as themselves and then su to the oracle users. In Solaris11 we have the option of making it a role because RBAC is enabled but... (1 Reply)
Discussion started by: os2mac
1 Replies

6. Shell Programming and Scripting

System shell nologin script required

Hi Part of our security audit we found that following system account's had shells configured; sync halt shutdown I believe this can be achieved by following commands: chsh -s /sbin/nologin (user) usermod -s /sbin/nologin (user) However, I would like simple script to... (5 Replies)
Discussion started by: Gamma
5 Replies