home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.sys.sun.admin
- Path: sparky!uunet!cs.utexas.edu!zaphod.mps.ohio-state.edu!news.acns.nwu.edu!nucsrl!pex.eecs.nwu.edu!phil
- From: phil@pex.eecs.nwu.edu (William LeFebvre)
- Subject: Re: /bin/passwd modifications
- Message-ID: <1992Dec11.211903.3741@eecs.nwu.edu>
- Sender: usenet@eecs.nwu.edu (Mr. Usenet)
- Organization: EECS Department, Northwestern University
- References: <9234012.6911@mulga.cs.mu.OZ.AU> <GERD.92Dec6181312@kim.intellektik.informatik.th-darmstadt.de>
- Date: Fri, 11 Dec 1992 21:19:03 GMT
- Lines: 35
-
- In article <GERD.92Dec6181312@kim.intellektik.informatik.th-darmstadt.de> gerd@intellektik.informatik.th-darmstadt.de (Gerd Neugebauer) writes:
- >
- >In article <9234012.6911@mulga.cs.mu.OZ.AU> carl@montebello.ecom.unimelb.EDU.AU (Carl Brewer) writes:
- >
- >[...]
- >
- >CB> I want to disable the -s option on passwd (to stop users
- >CB> altering their login shells). I'm not sure if this is
- >CB> the best way to do it, but ...
- >
- >[Ideas about hacking around deleted]
- >
- >CB> or is there a better way?
- >
- >Yes there is!
- >
- >Just modify the file /etc/shells to contain approved shells. If it
- >contains only one shell nobody (except root) is able to change the
- >shell. See also passwd(1)
-
- Be aware: any user who does not have a shell listed in /etc/shells
- will not be able to do an FTP login. That is, they will not be
- able to connect to the machine's FTP server and use it with their
- username and password. This will not be a problem if everyone is
- forced to use the shell that is the only one listed in /etc/shells.
-
- By the way, I personally see nothing wrong with letting users change
- their login shells, as long as it is one of the shells listed in
- /etc/shells. My /etc/shells contains sh, csh, tcsh, and bash....
-
- William LeFebvre
- Computing Facilities Manager and Analyst
- Department of Electrical Engineering and Computer Science
- Northwestern University
- <phil@eecs.nwu.edu>
-
