libuuid: use /usr/sbin/nologin instead of /bin/sh for libuuid user
Bug #1319973 reported by
Alec Warner
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
util-linux (Debian) |
Fix Released
|
Unknown
|
|||
util-linux (Ubuntu) |
Fix Released
|
High
|
Marc Deslauriers | ||
Trusty |
Triaged
|
High
|
Marc Deslauriers | ||
Utopic |
Won't Fix
|
High
|
Unassigned |
Bug Description
antarus@killbot:~$ getent passwd libuuid
libuuid:
A missing shell specification means it takes the default shell (usually /bin/sh).
DISTRIB_
DISTRIB_
DISTRIB_ID=Ubuntu
DISTRIB_
antarus@
libuuid1:
Installed: 2.20.1-5.1ubuntu20
Candidate: 2.20.1-5.1ubuntu20
It should have /usr/sbin/nologin as its shell.
-A
Changed in util-linux (Ubuntu Trusty): | |
status: | New → Confirmed |
Changed in util-linux (Ubuntu Utopic): | |
status: | New → Confirmed |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
information type: | Public → Public Security |
Changed in util-linux (Debian): | |
status: | Unknown → New |
Changed in util-linux (Ubuntu Trusty): | |
milestone: | none → trusty-updates |
Changed in util-linux (Debian): | |
status: | New → Fix Released |
Changed in util-linux (Ubuntu Utopic): | |
status: | Confirmed → Won't Fix |
tags: | added: trusty |
Changed in util-linux (Ubuntu Trusty): | |
importance: | Undecided → High |
Changed in util-linux (Ubuntu Utopic): | |
importance: | Undecided → High |
Changed in util-linux (Ubuntu): | |
importance: | Undecided → High |
Changed in util-linux (Ubuntu Trusty): | |
status: | Confirmed → Triaged |
Changed in util-linux (Ubuntu Utopic): | |
assignee: | Marc Deslauriers (mdeslaur) → nobody |
Changed in util-linux (Ubuntu Trusty): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
summary: |
- libuuid needs a default shell (seems to not specify any?) + libuuid: use /usr/sbin/nologin instead of /bin/sh for libuuid user |
To post a comment you must log in.
This remains a potential security issue with Ubuntu 14.04.
It appears that the util-linux (2.25-5) should set the login shell as "nologin". It seems here we need an update which finds the shells already set as /bin/sh and resets them to "nlogin"