Why do some system users have /usr/bin/false as their shell and what does that mean?
Asked
Active
Viewed 3.2k times
71
-
3You may also be interested in [What is the difference between /sbin/nologin and /bin/false?](http://serverfault.com/q/519215/126632) – Michael Hampton Feb 28 '17 at 23:41
3 Answers
79
This helps to prevent users from logging on system.
Sometimes you need a user account for a specific task. Nevertheless, no one should be able to interact with this account on the computer. These are on the one hand system user accounts, on the other hand this is account, for which FTP or POP3 access is possible, but just no direct shell login.
If you look more closely at the /etc/passwd file, you will find the /bin/false command as a login shell for many system accounts. Actually, false is not a shell, but a command that does nothing and then also ends with a status code that signals an error. The result is simple. The user logs in and immediately sees the login prompt again.
Kamil Maciorowski
- 69,815
- 22
- 136
- 202
Leo Chapiro
- 15,459
- 5
- 42
- 45
-
Take a look: http://askubuntu.com/questions/138547/how-to-understand-the-ubuntu-file-system-layout – Leo Chapiro Feb 27 '17 at 15:55
-
6note that is only convention; i could install my own shell as `/random/path/foo-shell` and set it as my default in `/etc/passwd`. there **is no** guarantee. – quixotic Feb 27 '17 at 16:01
17
These users exist to be the owner of specific files or processes, and are not intended to be login accounts.
If the value of the "shell" field is not listed in /etc/shells then programs such as FTP daemons do not allow access.
Additionally, for programs that don't check /etc/shells, we make use of the fact that /bin/false will immediately return, so denying an interactive shell.
Toby Speight
- 4,866
- 1
- 26
- 36
-
Side question: What will be the advantage of creating the user to be the owner of specific files and processes? – Hassan Murtaza Aug 05 '20 at 07:52
8
Some users have /usr/bin/false, others have /sbin/nologin or even
/usr/bin/passwd.
They can either be system users that are needed to isolate program permissions, or human users of programs that use the password files for authentication.
Toby Speight
- 4,866
- 1
- 26
- 36
bbaassssiiee
- 1,393
- 1
- 11
- 17
-
2`/usr/bin/passwd` is used e.g. for mail-only accounts. Users can use ssh to change their password, but nothing else. – Simon Richter Mar 01 '17 at 12:49