A fresh start (request for comments)
Jesse Smith
jessefrgsmith at yahoo.ca
Wed Nov 7 22:03:02 GMT 2018
On 11/7/18 5:29 PM, Jonathan de Boyne Pollard wrote:
> Jesse Smith:
>> However, the manual page for the login command still says login checks
>> /etc/nologin to see if users are blocked from signing in. There is no
>> mention of /run/login in the manual page.
>
> That is because you are looking at the wrong manual page. The login
> program is not the source of this functionality in Debian. So the bug
> is really that it is mentioned in the manual page for login at all.
>
> * https://manpages.debian.org/unstable/libpam-modules/pam_nologin.8.en.html
>
> /run/nologin is what systemd's shutdown program uses. The Debian
> shutdown shim added to runit does not create flag files.
>
> * https://manpages.debian.org/unstable/systemd-sysv/shutdown.8.en.html
>
> * https://manpages.debian.org/unstable/runit-init/shutdown.8.en.html
>
>
This would suggest that there are several problems then.
1. The login page lists /etc/nologin.
2. The Debian patch for SysV init assigns the nologin location to
/run/nologin (which at least lines up with systemd-sysv shutdown
3. The pam_nologin manual page says it uses /etc/nologin and
/var/run/nologin
So none of these locations match up and the first one probably shouldn't
be mentioned at all? Shouldn't all these packages be using the same
location to determine whether users can login or not?
More information about the Debian-init-diversity
mailing list