users default shell is /bin/bash !!!! security ??

Hi

I just had alook and when you create a new domain it has the box ticked for Shell access, bit silly to have it ticked by default, but not too serious I suppose.

My main concern is all email users have their shell set to /bin/bash .... surely this cant be right !!!!
take a look in /etc/vmail/passwd.domainname.co.uk
(its symlinked to /home/domainname/etc/longdomainname/passwd)

All email users have a shell by default !!!! eeeek !!!!
Please tell me im dreaming ???!!!!!????

I can't find a way to give them an invalid shell via the interface..
Should I just set them to something like /dev/null or /bin/nologin .. hmm wonder what that will break .!!

any comments,, please feel free.

What is the Jailshell and how does it work ???

thanks
andy

 

ahhh .. nice one...

thanks.. puts my heart at ease :p

What about this jailshell.... Is it worth using ?

I dont want any users to have ssh access to the server (except me of course (root)), must I set all users to jailshell, or can I put their shells as /bin/nologin ?

thanks
andy

 

Hi

Cool thanks !!!!!!!!!

How can I prevent them having SSH access Totally ??

Cheers
andy

 

Hi

Here is an extract of my passwd file :

Can I change postgres and ftp and cpanel to /bin/false ?
Surley they never login ??

The bottom 3 are the main domain users, can I change them to /bin/false as well ?
They never use ssh, I only want root to be able to SSH in.

If I change them all to /bin/false will it affect anythign else ?

thanks for the help
Andy