@test "Verify SHELL in /etc/default/useradd" {
  run bash -c "grep '^SHELL=/bin/false$' /etc/default/useradd"
  [ "$status" -eq 0 ]
}
Set default shell to /bin/false in /etc/default/useradd
Description
Set /bin/false as the default shell to be used for all new users.
Rationale
Require an administrative user to actively set a valid login shell.
Audit
useradd -D | grep '^SHELL'
Remediation
sed -i 's/^SHELL=.*/SHELL=\/bin\/false/' "/etc/default/useradd"
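
A sed substitution changes nothing when the file has no active SHELL= line, so the audit can still fail after remediation. The following is an added example, not part of the original guide, that audits the file directly and remediates idempotently; the function names and the optional file argument are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example, not part of the original guide. Function names and the
# optional file argument are assumptions made for this example.

# Exit 0: at least one active SHELL= line exists and all are /bin/false.
# Exit 1: line missing or set to another value. Exit 2: file unreadable.
audit_useradd_shell() {
    local file
    file="${1:-/etc/default/useradd}"
    [ -r "$file" ] || return 2
    grep -q '^SHELL=' "$file" || return 1
    ! grep '^SHELL=' "$file" | grep -qv '^SHELL=/bin/false$'
}

# Rewrite active SHELL= lines, or append one when none exists.
remediate_useradd_shell() {
    local file
    file="${1:-/etc/default/useradd}"
    if grep -q '^SHELL=' "$file"; then
        sed -i 's|^SHELL=.*|SHELL=/bin/false|' "$file"
    else
        # Add a newline first if the file does not end with one.
        if [ -n "$(tail -c 1 "$file")" ]; then echo >> "$file"; fi
        printf 'SHELL=/bin/false\n' >> "$file"
    fi
}

# Constructed sample: a defaults file with only a commented SHELL= line
# and no trailing newline.
demo() {
    local f
    f="$(mktemp)"
    printf '# SHELL=/bin/bash\nGROUP=100\nHOME=/home' > "$f"
    if audit_useradd_shell "$f"; then echo "before: compliant"
    else echo "before: non-compliant"; fi
    remediate_useradd_shell "$f"
    if audit_useradd_shell "$f"; then echo "after: compliant"
    else echo "after: non-compliant"; fi
    rm -f "$f"
}
demo
```

Run against the real file as root with `remediate_useradd_shell /etc/default/useradd`, then confirm with the audit command above.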