[PATCH] nologin: new applet.

Harald Becker ralda at gmx.de
Mon Nov 7 03:21:51 UTC 2011


 Hallo Natanael!

>> Consider doing a sleep (2 or 3 seconds) after message output before
>> dieing. If nologin is run via a standard init/getty/login sequence, the
>> screen is most likely cleared shortly after exit of nologin hence humans
>> do not have a chance to read the message without a delay. In addition
>> the delay allows to slow down login attacks (paranoia).
> I think this tool is intended for passwordless accounts (daemons etc)
> and this case a delay is meaningless.

True that nologin is for daemon accounts etc. ... but in cases where a
typo leads to one of those accounts any message vanishes before a human
can read it.

IMHO is displaying a message without a final delay nothing more than
calling /bin/false with a different name. I hate such programs don't
considering the context they are used. And nologin is used in a  context
where the screen is probably cleared only milliseconds after nologin
exits (init/getty/login). So that single sleep allow humans to read the
message emitted by nologin, what else is the reason to emit such a
message if there is no chance to read? Is there any situation where that
delay before exit produces any kind of trouble?

--
Harald


More information about the busybox mailing list