[OpenIndiana-discuss] How to disable local/remote login, still allowing access to smb share?
dswartz at druber.com
Mon Oct 29 15:46:38 UTC 2012
Wrt /bin/false, I ran into such an exception: I installed freeradius on my
ubuntu main server so my astaro gateway could authenticate people. They
already had accounts on that host for email - all of them using /bin/false.
I naively tried to use the freeradius plugin "unix password" (not the right
name, but the gist is accurate.) freeradius would reject auth attempts due
to 'invalid shell'. I ended up using the pam plugin and all was well...
From: Jan Owoc [mailto:jsowoc at gmail.com]
Sent: Monday, October 29, 2012 11:24 AM
To: Discussion list for OpenIndiana
Subject: Re: [OpenIndiana-discuss] How to disable local/remote login, still
allowing access to smb share?
On Mon, Oct 29, 2012 at 9:17 AM, Dmitry Kozhinov <dima at desktopfay.com>
> I am still newbie to UNIX administration. Please advise. After setting
> up a storage server (a number of smb shares, as described at
> I ended up having a number of users at my system, each one needed only
> to access an smb share from a Windows client machine. How do I prevent
> using these usernames/passwords to login locally or remotely to the
> server, and only use them to access smb shares?
I'm not a professional UNIX administrator, but the way I've seen it done is
to set the logon shell for those users to "/bin/false". An alternative is
"/usr/bin/passwd", so they can't get a logon shell, but they can "log on" to
change their password. There are some things for which /bin/false doesn't
work, but it might be enough for your needs .
OpenIndiana-discuss mailing list
OpenIndiana-discuss at openindiana.org
More information about the OpenIndiana-discuss