Administration
nologin
Shell that prevents a user from logging in.
Additional Notes
nologin is a program that displays a message and exits immediately, preventing interactive login for system accounts. It is typically used as the login shell for users who should not have interactive access, such as nobody, www-data, daemon, and other system accounts.
The program prints a predefined message (usually This account is currently not available.) and exits with a non-zero status. This prevents login via SSH, terminal, or console while still allowing the account to own processes and files. It is a security practice to assign nologin or /sbin/nologin to system accounts that do not need human interaction.
Syntax
nologin
Parameters
- No parameters.
nologintakes no arguments.
Common Options
--help: Show help and exit.--version: Show version information.
Examples
grep nologin /etc/passwd
Show user accounts that have /sbin/nologin set as their login shell.
sudo usermod -s /sbin/nologin guest
Change the guest account to use nologin, preventing interactive login.
sudo -u nobody /sbin/nologin
Attempt to run nologin as the nobody user. It prints a message and exits.
Practical Notes
- The
nologinbinary is usually located at/sbin/nologinor/usr/sbin/nologin. - Some systems use
/bin/falseinstead ofnologin.nologinprints a message;/bin/falseexits silently. - Assigning
nologinto system accounts does not preventsudo,cron, or other non-login process execution. - To create a new system user with
nologin, useuseradd -r -s /sbin/nologin username. - The message printed by
nologincan be customized through the/etc/nologin.txtfile in some implementations.