From owner-freebsd-arch@FreeBSD.ORG Wed Jul 5 06:01:40 2006 Return-Path: X-Original-To: freebsd-arch@FreeBSD.org Delivered-To: freebsd-arch@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E9F1616A4DD; Wed, 5 Jul 2006 06:01:39 +0000 (UTC) (envelope-from christian.perrier@onera.fr) Received: from onera.onera.fr (onera.onera.fr [144.204.65.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5723243D45; Wed, 5 Jul 2006 06:01:38 +0000 (GMT) (envelope-from christian.perrier@onera.fr) Received: from cc-mykerinos.onera (localhost [127.0.0.1]) by onera.onera.fr with ESMTP id k6561NOx017164; Wed, 5 Jul 2006 08:01:23 +0200 (MEST) Received: by cc-mykerinos.onera (Postfix, from userid 1000) id 4462D40A276; Wed, 5 Jul 2006 07:42:51 +0200 (CEST) Date: Wed, 5 Jul 2006 07:42:51 +0200 From: Christian Perrier To: Ceri Davies , "Jari Aalto+mail.linux" , "login: please move nologin under /bin directory" <374525@bugs.debian.org>, "exim4-daemon-heavy: Use /bin/nologin instead of /bin/false in /etc/passwd" <366546-maintonly@bugs.debian.org>, "pidentd: [security] use /bin/nologin instead of /bin/false in /etc/passwd" <366545-maintonly@bugs.debian.org>, "openssh-server: [security] use /bin/nologin instead of /bin/false" <366541-maintonly@bugs.debian.org>, mstone@debian.org, anibal@debian.org, freebsd-arch@FreeBSD.org Message-ID: <20060705054251.GF5220@djedefre.onera> References: <20060509153807.16297.97467.reportbug@cante> <20060620050937.GB18750@djedefre.onera> <20060704192449.GC76109@submonkey.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="S5HS5MvDw4DmbRmb" Content-Disposition: inline In-Reply-To: <20060704192449.GC76109@submonkey.net> User-Agent: Mutt/1.5.11+cvs20060403 Cc: Subject: Re: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: "Jari Aalto+mail.linux" , "login: please move nologin under /bin directory" <374525@bugs.debian.org> List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Jul 2006 06:01:40 -0000 --S5HS5MvDw4DmbRmb Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable > That's up to you; we don't consider it a system utility, that's all. >=20 > Our hier(7) is pretty clear, and we try to stick to it: >=20 > /bin/ user utilities fundamental to both single-user and > multi-user environments >=20 > /sbin/ system programs and administration utilities fundamental > to both single-user and multi-user environments As a first reaction and as one of the shadow maintainer, I'm now inclined to agree with the choice of the FreeBSD team here. The rationale is clear... I'd like to hear the one from OpenBSD to put nologin in /sbin though.. they might have a different definition of what goes in /sbin However, others might have a different point of view in Debian and I'd like to get all possible advices. I might even consider asking our Technical Commitee after a discussion in debian-devel (which I don't put much hope in based on past experience). In short, let's take a deep breath and think about all this. The standard we have to comply with in Debian is the FHS 2.3, from the policy. It states: /bin : Essential user command binaries (for use by all users) /bin contains commands that may be used by both the system administrator and by users, but which are required when no other filesystems are mounted (e.g. in single user mode). It may also contain commands which are used indirectly by scripts. /sbin : System binaries Utilities used for system administration (and other root-only commands) are stored in /sbin, /usr/sbin, and /usr/local/sbin. /sbin contains binaries essential for booting, restoring, recovering, and/or repairing the system in addition to the binaries in /bin. [18] Programs executed after /usr is known to be mounted (when there are no problems) are generally placed into /usr/sbin. Locally-installed system administration programs should be placed into /usr/local/sbin. [19] The question then shortens down to "will we need nologin when /usr is not mounted". Do we have existing or future use cases? PS: let's shorten down the CC list of these mails. My own point here is to decide what to do in Debian so we might want to stop bothering FreeBSD developers (which I took the opportunity to sy "hi" to....I have some good old friends over there). --S5HS5MvDw4DmbRmb Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEq1Fb1OXtrMAUPS0RAr/YAJ9YGmD2ve9BomZ8doAJjUxvK2s2yQCeKbKa kDPfBYU6E1mGYIqHSsUL6ZQ= =fCXw -----END PGP SIGNATURE----- --S5HS5MvDw4DmbRmb--