NCPA 3.2.2 update login shell for nagios user on Linux systems
Posted: Wed Jan 07, 2026 2:50 pm
As per NCPA 3.2.2 changelog: Update login shell for nagios user on Linux systems to /sbin/nologin for improved security.
1. On systems with NCPA already installed, after upgrading to 3.2.2, the nagios user remains /bin/sh, shouldn't the upgrade perform a usermod to set /sbin/nologin?
2. nologin canonical path on modern Linux distributions is /usr/sbin/nologin, and though /sbin/nologin most likely is synlinked, not all distros have both. Setting /sbin/nologin will still deny the login, but for the wrong reason. Perhaps a logical check is required to set /usr/sbin/nologin if identified (assume the upgrade performs a usermod)?
1. On systems with NCPA already installed, after upgrading to 3.2.2, the nagios user remains /bin/sh, shouldn't the upgrade perform a usermod to set /sbin/nologin?
2. nologin canonical path on modern Linux distributions is /usr/sbin/nologin, and though /sbin/nologin most likely is synlinked, not all distros have both. Setting /sbin/nologin will still deny the login, but for the wrong reason. Perhaps a logical check is required to set /usr/sbin/nologin if identified (assume the upgrade performs a usermod)?