[wplug] passwd file

[Henry Umansky]

"vipw" will do all the necessary file locking for you.  Hope your familiar 
with vi!!!

man vipw

-Henry

--On Friday, July 11, 2003 1:23 PM -0400 Kuzman Ganchev 
<kuzman at sccs.swarthmore.edu> wrote:r

> On Fri, Jul 11, 2003 at 12:06:31PM -0400, Chris wrote:
>>
>> I have a lot of system users that I don't what to be able to log on
>> locally. I know that I can use usermod -s /sbin/nologin username, but I
>> don't want to do that for every user.  Can I just edit the passwd file
>> manually, or are there more files that need to be changed?
>
> I think that this is in the passwd file and nowhere else; at least I
> think that's the case on Debian. I remember there being locking issues
> with editing a passwd file by hand, but I can't find a reference to it
> in the passwd man pages. Does anyone know where a reference to this
> might be? Google gave me FreeBSD's locking info, but nothing on Linux.
>
> What I did find in passwd(1) was:
>
>    Account maintenance
>        User  accounts  may be locked and unlocked with the -l and
>        -u flags.  The -l option disables an account  by  changing
>        the   password  to  a  value  which  matches  no  possible
>        encrypted value.  The -u option re-enables an  account  by
>        changing the password back to its previous value.
>
> Although I'm not sure that's what you want, especially if you're
> running sshd. If you are running sshd, you need to edit
> /etc/ssh/sshd_config, otherwise someone with an authorized_keys file
> could:
>
> ssh -l username yourmachine bash
>
> See the sshd_config(5) manual for details.
>
> Kuzman
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug



Henry Umansky
University of Pittsburgh
Computing Services and Systems Development
hmust2 [at] pitt [dot] edu
(412) 624 -4357