Just figured that regular users are created by ISPConfig with a default shell of /dev/null. Unfortunately, this is invalid on Debian based systems, as the shell has to be an executable program/script. The most easy way I believe is to change the shell to /bin/false.

Looking at ISPConfig 2.2.9, I think the only place to modify this is in /root/ispconfig/scripts/lib/classes/ispconfig_system.lib.php and change the in function deactivateuser (lines 115 - 125) the shell, so the script will now look like:function deactivateuser($user_username){
$passwort = str_rot13($this->getpasswd($user_username));
$user_attr = $this->get_user_attributes($user_username);
$uid = $user_attr["uid"];
$gid = $user_attr["gid"];
$username = $user_attr["name"];
$homedir = $user_attr["homedir"];
$shell = "/bin/false"; // <======= Change this line
$this->deluser($user_username);
$this->adduser($user_username, $uid, $gid, $username, $homedir, $shell, $passwort);
}
I believe this will work for any Linux distribution.

I think it's a good idea as /bin/false is also listed in /etc/shells, so there will be no problem with some ftp server who require a valid shell (listed in /etc/shells).

Yup, that's why I had to change it. FTP was not working.

Wow, I believe I overlooked an essential point. The testuser I created did not have the ftp checkbox ticked. As such ISPC always did reset the shell back to /dev/null by means of the 30 minute cron scripts. Not having this tick for a user means KEEP OUT completely from this system. Which is exactly what it needs to do.

When setting the ftp tick box for this user, ISPC did set the shell to /bin/false as it should.

My humble apologies to the developers, as this function is doing what it supposed to do. Please ignore my suggestion to change the code. I'll stay low for a while .....:cool:

Wow, I believe I overlooked an essential point. The testuser I created did not have the ftp checkbox ticked. As such ISPC always did reset the shell back to /dev/null by means of the 30 minute cron scripts. Not having this tick for a user means KEEP OUT completely from this system. Which is exactly what it needs to do.

When setting the ftp tick box for this user, ISPC did set the shell to /bin/false as it should.

My humble apologies to the developers, as this function is doing what it supposed to do. Please ignore my suggestion to change the code. I'll stay low for a while .....:cool:
That's right. If you give a user /bin/false as shell, he will have FTP access, no matter what you specify in the ISPConfig interface. Users without FTP access therefore get /dev/null as shell.