A systems administrator is tasked with changing the default shell of a system account in order to disable iterative logins. Which of the following is the best option for the administrator to use as the new shell?
Correct Answer: A
Explanation
The /sbin/nologin shell is a special shell that prevents the user from logging into an interactive session. It is commonly used for system accounts that are not meant to be accessed by users, such as daemon or service accounts. When a user tries to log in with this shell, they will see a message like "This account is currently not available" and the login will fail.
References:
The /sbin/nologin shell is listed as one of the valid shells in the /etc/shells file1.
The CompTIA Linux+ Certification Exam Objectives mention that the candidate should be able to
"configure and manage system accounts and groups, including password aging and restricted shells" as part of the Hardware and System Configuration domain2.
The usermod command can be used to change the user's login shell with the -s or --shell option3. For example, to change the shell of a user named daemon to /sbin/nologin, the command would be: sudo usermod -s /sbin/nologin daemon