Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: lock an account
Top Forums Shell Programming and Scripting lock an account Post 302236436 by avronius on Monday 15th of September 2008 01:37:54 PM
Old 09-15-2008
root will still be able to su to the user. A test would be to su to a user that does not have root access - and try to su - to the locked user.

If you want to completely disable the account, change the default shell to /bin/false. This is a shell that doesn't exist, so will not allow root to su to it.

Code:
usermod -s /bin/false username

*LK* belongs in the second field, but again, you SHOULD NOT manually manipulate this file.
Last edited by avronius; 09-15-2008 at 02:40 PM.. Reason: added some clarity
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

how to lock keyboard without using lock command

how can I lock my keyboard while I'm away from the computer without using lock command. What other commands gives me the option to lock keyboard device? thanks (7 Replies)
Discussion started by: dianayun
7 Replies

2. UNIX for Dummies Questions & Answers

Change Account to not lock account if password expires

I have access to 15+ UNIX boxes at work, and I do not consistently log onto all of them over time. When I do try to access one I havent been on in awhile, my account is locked as the password has expired. I need to request to the UNIX SA's that the password expiration is 90 days and that if it... (1 Reply)
Discussion started by: stringzz
1 Replies

3. Solaris

How to lock the account after consecutive unsuccessful login

Dears, I want to lock the user's account after consecutive unsuccessful login attempts, how can I do this ? (1 Reply)
Discussion started by: mlsun
1 Replies

4. SuSE

How to lock the account after consecutive unsuccessful login in SUSE

Hi , Can anyone give ur answer for How to lock the account after consecutive unsuccessful login in SUSE Enterprise 10.2 Linux (1 Reply)
Discussion started by: karthik04
1 Replies

5. Linux

Apply disk quota to account(dedicate 3 GB to account).

Hi , I am faceing lot of problem due to "disk space is not enough". senerio is like as, In system has 5 account. a,b,c,d,e say account c if very critical. Due to other user's data, user 'c' is faceing disk space issue. I want to dedicate 3 GB for user 'c'. No user... (1 Reply)
Discussion started by: ashokd009
1 Replies

6. Red Hat

Security Question: Lock after invalid login, Session Lock and Required Minimum Password Length

Hello all, If anyone has time, I have a few questions: How do I do the following in Linux. We are using Red Hat and Oracle Enterprise Linux, which is based on Red Hat too. 1. How to lock the account after a few (like 3) invalid password attempts? 2. How do you lock a screen after 30... (1 Reply)
Discussion started by: nstarz
1 Replies

7. Cybersecurity

openssh_4.6 on Unixware 7.1.4 - ssh does not lock account after x attempts

Hi all, I am having some issues with openssh vers OpenSSH_4.6p1 on SCO unixware 7.1.4 when a user accesses the system via ssh and the password is incorrect and more attempts have been made that the lock out limit I find that although there are messages in the syslog the account does not lock... (0 Replies)
Discussion started by: chlawren
0 Replies

8. UNIX for Advanced & Expert Users

Testing privileges -lock lockfile /var/lock/subsys/..- Permission denied

Hi all, I have to test some user priviliges. The goal is to be sure that an unauthorized user can't restart some modules (ssh, mysql etc...). I'm trying to automate it with a shell script but in same cases I got the syslog broadcast message. Is there any way to simply get a return code... (3 Replies)
Discussion started by: Dedalus
3 Replies

9. How to Post in the The UNIX and Linux Forums

Simultaneously try to execute commands after connecting to remote account to one account

I have made password less connection to my remote account. and i tried to execute commands at a time. but i am unable to execute the commands. ssh $ACCOUNT_DETAILS@$HOST_DETAILS cd ~/JEE/*/logs/ (1 Reply)
Discussion started by: kishored005
1 Replies

LEARN ABOUT X11R4

setuid

SETUID(1)                                                     General Commands Manual                                                    SETUID(1)

NAME

       setuid - run a command with a different uid.

SYNOPSIS

       setuid username|uid   command [ args ]

DESCRIPTION

       Setuid  changes  user id, then executes the specified command.  Unlike some versions of su(1), this program doesn't ever ask for a password
       when executed with effective uid=root.  This program doesn't change the environment; it only changes the uid and then uses execvp() to find
       the command in the path, and execute it.  (If the command is a script, execvp() passes the command name to /bin/sh for processing.)

       For example,
              setuid  some_user  $SHELL
       can be used to start a shell running as another user.

       Setuid  is  useful  inside  scripts that are being run by a setuid-root user -- such as a script invoked with super, so that the script can
       execute some commands using the uid of the original user, instead of root.  This allows unsafe commands (such as editors and pagers) to  be
       used  in  a  non-root  mode inside a super script.  For example, an operator with permission to modify a certain protected_file could use a
       super command that simply does:
              cp protected_file temp_file
              setuid $ORIG_USER ${EDITOR:-/bin/vi} temp_file
              cp temp_file protected_file
       (Note: don't use this example directly.  If the temp_file can somehow be replaced by another user, as might be the case if it's kept  in  a
       temporary  directory,  there  will  be a race condition in the time between editing the temporary file and copying it back to the protected
       file.)

AUTHOR

       Will Deich

                                                                       local                                                             SETUID(1)
All times are GMT -4. The time now is 04:32 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy