From 2d94702ff4133606cda1e51a2c8378a8e79afb9d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>
Date: Wed, 13 Jul 2016 23:42:35 +0200
Subject: [PATCH] system: Change the shell of 'nobody' to 'nologin'.

Fixes <http://bugs.gnu.org/23971>.
Reported by Vincent Legoll <vincent.legoll@gmail.com>.

* gnu/system/shadow.scm (%base-user-accounts): Add 'shell' field.  Set
'home-directory' to "/nonexistent".
---
 gnu/system/shadow.scm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/gnu/system/shadow.scm b/gnu/system/shadow.scm
index 730a9ee091a..593117ef365 100644
--- a/gnu/system/shadow.scm
+++ b/gnu/system/shadow.scm
@@ -126,7 +126,8 @@ (define %base-user-accounts
          (name "nobody")
          (uid 65534)
          (group "nogroup")
-         (home-directory "/var/empty")
+         (shell #~(string-append #$shadow "/sbin/nologin"))
+         (home-directory "/nonexistent")
          (system? #t))))
 
 (define (default-skeletons)
-- 
GitLab