Should user's shell be /bin/false?
Bug #890362 reported by
Stuart McLaren
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
glance (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
nova (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Not a big deal, but:
In swift the 'swift' user has '/bin/false' as its shell:
root@stratus11:~# finger swift
Login: swift Name:
Directory: /home/swift Shell: /bin/false
The 'glance' user is currently created with '/bin/bash':
root@stratus40:
Login: glance Name:
Directory: /var/lib/glance Shell: /bin/bash
Is '/bin/bash' required or should we switch to '/bin/false'?
Changed in glance (Ubuntu): | |
importance: | Undecided → Low |
Changed in nova (Ubuntu): | |
milestone: | none → precise-alpha-1 |
Changed in glance (Ubuntu): | |
milestone: | none → precise-alpha-1 |
Changed in nova (Ubuntu): | |
importance: | Undecided → Medium |
Changed in glance (Ubuntu): | |
importance: | Low → Medium |
Changed in nova (Ubuntu): | |
status: | New → Confirmed |
Changed in glance (Ubuntu): | |
status: | New → Confirmed |
Changed in glance (Ubuntu): | |
milestone: | precise-alpha-1 → precise-alpha-2 |
Changed in nova (Ubuntu): | |
milestone: | precise-alpha-1 → precise-alpha-2 |
summary: |
- Should glance user's shell be /bin/false? + Should nova user's shell be /bin/false? |
summary: |
- Should nova user's shell be /bin/false? + Should user's shell be /bin/false? |
To post a comment you must log in.
I'm not aware of any reason why the Glance user should have a valid shell.
As this isn't an immediate problem that's going to get OpenStack hacked, I'd suggest dropping the security restrictions and pushing this out to the Glance team for verification and fix.