From smkelly@slashnet.org Sun Nov 21 00:44:58 1999 Return-Path: Received: from area51.slashnet.org (area51.slashnet.org [208.222.214.95]) by hub.freebsd.org (Postfix) with ESMTP id E0C7914D25; Sun, 21 Nov 1999 00:44:56 -0800 (PST) (envelope-from smkelly@slashnet.org) Received: from smkelly by area51.slashnet.org with local (Exim 3.03 #1) id 11pScB-000KU1-00; Sun, 21 Nov 1999 03:44:55 -0500 Message-Id: Date: Sun, 21 Nov 1999 03:44:55 -0500 From: Sean Kelly Reply-To: smkelly@slashnet.org To: FreeBSD-gnats-submit@freebsd.org, green@FreeBSD.org Subject: OpenSSH not obiding by 'ignorenologin' X-Send-Pr-Version: 3.2 >Number: 15015 >Category: ports >Synopsis: OpenSSH is not letting a user login despite 'ignorenologin' in login.conf >Confidential: no >Severity: critical >Priority: high >Responsible: green >State: closed >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Nov 21 00:50:00 PST 1999 >Closed-Date: Mon Nov 22 14:51:56 PST 1999 >Last-Modified: Mon Nov 22 14:52:37 PST 1999 >Originator: Sean Kelly >Release: FreeBSD 3.3-STABLE i386 >Organization: SlashNET / OsOnline.Org >Environment: User smkelly is a member of class 'staff'. Class staff from /etc/login.conf: staff:\ :ignorenologin:\ :ignoretime:\ :priority=-20:\ :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ :tc=default: >Description: After creating a /var/run/nologin file, all logins are denied. This includes 'smkelly', who is in the 'staff' class who SHOULD still be able to login. >How-To-Repeat: Make a class that allows logins when there is a nologin file. Put a user in the class. Make a nologin file, try to login. >Fix: Magic? I'm not exactly sure as I'm not farmilliar with the login.conf reading functions. >Release-Note: >Audit-Trail: Responsible-Changed-From-To: freebsd-ports->green Responsible-Changed-By: cpiazza Responsible-Changed-When: Sun Nov 21 10:13:31 PST 1999 Responsible-Changed-Why: Over to maintainer State-Changed-From-To: open->closed State-Changed-By: green State-Changed-When: Mon Nov 22 14:51:56 PST 1999 State-Changed-Why: I have implemented this, and it's in the port. >Unformatted: