Problem: A recent security scan is hitting on the fact that the postgres account has the login shell set to /bin/bash. Is it possible for it to run correctly if the shell is changed to /sbin/nologin?
Expected outcome: foreman/katello continues to operate normally.
Foreman and Proxy versions: 3.0.1 - katello 4.2.1
Foreman and Proxy plugin versions:
Distribution and version: CentOS 7.9
Other relevant data:
Well, that’s a question for the postgresql community or google.
If you can access redhat solutions: Does postgres account need /bin/bash? Can it be changed to /sbin/nologin? - Red Hat Customer Portal
Otherwise simply google for “postgresql postgres user login shell /bin/bash” or similar to find question and answers…
Or ask the postgresql community if it’s still true that it’s not possible…
Thanks! That helped! 