# Adding Users that Can't Login .....

## an0nymity

I know how to add your everyday user, but wondered if there was a default group under gentoo that didn't give the user priveledges to login, if not, then how do I go about creating users that don't have the login priveledges.

Thanks in Advance,

An0nymity

----------

## pjp

Been a while since I've done this, but I believe we (previous job) use to use /etc/shadow and disable the account via expired passwd.  'man 5 shadow'.

----------

## an0nymity

Thanks, kanuslupus, I will look up and try that when I get off work ... thanks for that tip.

If anyone else has other ways of accomplishing these, I'd greatly appreciate any input.

Thanks Again,

An0nymity

----------

## phong

You can give the user no shell.  That's the way I've done it in the past on some systems.

----------

## maxpower

Yes you should change their shell to /dev/null which will prevent login.

mAx

----------

## rac

 *maxpower wrote:*   

> Yes you should change their shell to /dev/null which will prevent login.

 

I use /bin/false.  /dev/null isn't executable on my system (which, I suppose would accidentally work).

----------

## craftyc

 *rac wrote:*   

>  *maxpower wrote:*   Yes you should change their shell to /dev/null which will prevent login. 
> 
> I use /bin/false.  /dev/null isn't executable on my system (which, I suppose would accidentally work).

 

I would also have suggested /bin/false.

----------

## daemonb

yes, I also use /bin/false for my samba users on my domaincontroller. That`s the right way  :Smile: 

cya DaemonB

----------

## roXet

I've seen people use a script that just has:

echo "Login disabled"

in it. Name that something like, nologin.sh and set the user's shell to that.

[edit]

if you do that make sure you chmod the new script correctly. I just tried it and forgot to do that =)

----------

## meyerm

Setting a "wrong" shell works, but perhaps you want to have a look at /etc/login.access. It's much more finegrained

----------

