diff options
author | Karel Zak | 2013-09-30 13:36:26 +0200 |
---|---|---|
committer | Karel Zak | 2013-09-30 13:36:26 +0200 |
commit | 88407b93212275759e8a54f5d43f4cf7da67fcdf (patch) | |
tree | 52a6098a9605f6d0cb69d8e7dc1932260af9bacd /login-utils | |
parent | build-sys: release++ (v2.24-rc1) (diff) | |
download | kernel-qcow2-util-linux-88407b93212275759e8a54f5d43f4cf7da67fcdf.tar.gz kernel-qcow2-util-linux-88407b93212275759e8a54f5d43f4cf7da67fcdf.tar.xz kernel-qcow2-util-linux-88407b93212275759e8a54f5d43f4cf7da67fcdf.zip |
nologin: add new command
Currently it's maintained as distro specific (or people use impolite
/bin/false way).
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'login-utils')
-rw-r--r-- | login-utils/Makemodule.am | 7 | ||||
-rw-r--r-- | login-utils/nologin.8 | 53 | ||||
-rw-r--r-- | login-utils/nologin.c | 75 |
3 files changed, 135 insertions, 0 deletions
diff --git a/login-utils/Makemodule.am b/login-utils/Makemodule.am index c5e8c07ae..aca028a29 100644 --- a/login-utils/Makemodule.am +++ b/login-utils/Makemodule.am @@ -60,6 +60,13 @@ endif endif # BUILD_LOGIN +if BUILD_NOLOGIN +sbin_PROGRAMS += nologin +dist_man_MANS += login-utils/nologin.8 +nologin_SOURCES = login-utils/nologin.c +endif + + if BUILD_UTMPDUMP usrbin_exec_PROGRAMS += utmpdump dist_man_MANS += login-utils/utmpdump.1 diff --git a/login-utils/nologin.8 b/login-utils/nologin.8 new file mode 100644 index 000000000..b4e10704e --- /dev/null +++ b/login-utils/nologin.8 @@ -0,0 +1,53 @@ +.\" -*- nroff -*- +.TH NOLOGIN 8 "September 2013" "util-linux" "System Administration" +.SH NAME +nologin \- politely refuse a login +.SH SYNOPSIS +.B nologin +.RB [ \-V ] +.RB [ \-h ] +.SH DESCRIPTION +.B nologin +displays a message that an account is not available and exits non-zero. It is +intended as a replacement shell field to deny login access to account. +.PP +If the file /etc/nologin.txt exists, nologin displays its contents to the +user instead of the default message. +.PP +The exit code returned by +.B nologin +is always 1. +.PP +.SH OPTIONS +.IP "\fB\-h, \-\-help\fP" +Print help and exit. +.IP "\fB-V, \-\-version" +Print version and exit. +.SH NOTES +.B nologin +is per-account way to disable login (usually used for system accounts like http or ftp). +.BR nologin (8) +uses /etc/nologin.txt as optional source for non-default message, the login +access is always refused independently on the file. +.PP +.BR pam_nologin (8) +PAM module usually prevents all non-root users from logging into the system. +.BR pam_nologin (8) +functionality is controled by /var/run/nologin or /etc/nologin file. +.SH AUTHORS +.UR kzak@redhat.com +Karel Zak +.UE +.SH SEE ALSO +.BR login (1), +.BR passwd (5), +.BR pam_nologin (8) +.SH HISTORY +The +.B nologin +command appeared in 4.4BSD. +.SH AVAILABILITY +The nologin command is part of the util-linux package and is available from +.UR ftp://\:ftp.kernel.org\:/pub\:/linux\:/utils\:/util-linux/ +Linux Kernel Archive +.UE . diff --git a/login-utils/nologin.c b/login-utils/nologin.c new file mode 100644 index 000000000..a4fb82db6 --- /dev/null +++ b/login-utils/nologin.c @@ -0,0 +1,75 @@ +/* + * Copyright (C) 2013 Karel Zak <kzak@redhat.com> + */ + +#include <stdio.h> +#include <sys/types.h> +#include <fcntl.h> +#include <string.h> +#include <unistd.h> +#include <stdlib.h> +#include <getopt.h> + +#include "c.h" +#include "nls.h" +#include "pathnames.h" + +/* + * Always return EXIT_FAILURE (1), don't try to be smart! + */ + +static void __attribute__((__noreturn__)) usage(FILE *out) +{ + fputs(USAGE_HEADER, out); + + fprintf(out, + _(" %s [options]\n"), program_invocation_short_name); + + fputs(USAGE_OPTIONS, out); + fputs(USAGE_HELP, out); + fputs(USAGE_VERSION, out); + + fprintf(out, USAGE_MAN_TAIL("nologin(8)")); + exit(EXIT_FAILURE); +} + +int main(int argc, char *argv[]) +{ + int c, fd; + static const struct option longopts[] = { + { "help", 0, 0, 'h' }, + { "version", 0, 0, 'V' }, + { NULL, 0, 0, 0 } + }; + + setlocale(LC_ALL, ""); + bindtextdomain(PACKAGE, LOCALEDIR); + textdomain(PACKAGE); + + while ((c = getopt_long(argc, argv, "hV", longopts, NULL)) != -1) { + switch (c) { + case 'h': + usage(stdout); + break; + case 'V': + printf(UTIL_LINUX_VERSION); + return EXIT_FAILURE; + default: + usage(stderr); + break; + } + } + + fd = open(_PATH_NOLOGIN_TXT, O_RDONLY); + if (fd >= 0) { + char buf[BUFSIZ]; + ssize_t rd; + + while ((rd = read(fd, buf, sizeof(buf))) > 0) + ignore_result( write(STDOUT_FILENO, buf, rd) ); + close(fd); + } else + fprintf(stdout, _("This account is currently not available.\n")); + + return EXIT_FAILURE; +} |