root will still be able to su to the user. A test would be to su to a user that does not have root access - and try to su - to the locked user.
If you want to completely disable the account, change the default shell to /bin/false. This is a shell that doesn't exist, so will not allow root to su to it.
*LK* belongs in the second field, but again, you SHOULD NOT manually manipulate this file.
Last edited by avronius; 09-15-2008 at 02:40 PM..
Reason: added some clarity
how can I lock my keyboard while I'm away from the computer without using lock command. What other commands gives me the option to lock keyboard device?
thanks (7 Replies)
I have access to 15+ UNIX boxes at work, and I do not consistently log onto all of them over time. When I do try to access one I havent been on in awhile, my account is locked as the password has expired.
I need to request to the UNIX SA's that the password expiration is 90 days and that if it... (1 Reply)
Hi ,
I am faceing lot of problem due to "disk space is not enough".
senerio is like as,
In system has 5 account.
a,b,c,d,e
say account c if very critical.
Due to other user's data, user 'c' is faceing disk space issue.
I want to dedicate 3 GB for user 'c'.
No user... (1 Reply)
Hello all,
If anyone has time, I have a few questions:
How do I do the following in Linux. We are using Red Hat and Oracle Enterprise Linux, which is based on Red Hat too.
1. How to lock the account after a few (like 3) invalid password attempts?
2. How do you lock a screen after 30... (1 Reply)
Hi all,
I am having some issues with openssh vers OpenSSH_4.6p1 on SCO unixware 7.1.4
when a user accesses the system via ssh and the password is incorrect and more attempts have been made that the lock out limit I find that although there are messages in the syslog the account does not lock... (0 Replies)
Hi all,
I have to test some user priviliges. The goal is to be sure that an unauthorized user can't restart some modules (ssh, mysql etc...).
I'm trying to automate it with a shell script but in same cases I got the syslog broadcast message.
Is there any way to simply get a return code... (3 Replies)
I have made password less connection to my remote account. and i tried to execute commands at a time. but i am unable to execute the commands.
ssh $ACCOUNT_DETAILS@$HOST_DETAILS
cd ~/JEE/*/logs/ (1 Reply)
Discussion started by: kishored005
1 Replies
LEARN ABOUT OPENSOLARIS
lckpwdf
lckpwdf(3C) Standard C Library Functions lckpwdf(3C)NAME
lckpwdf, ulckpwdf - manipulate shadow password database lock file
SYNOPSIS
#include <shadow.h>
int lckpwdf(void);
int ulckpwdf(void);
DESCRIPTION
The lckpwdf() and ulckpwdf() functions enable modification access to the password databases through the lock file. A process first uses
lckpwdf() to lock the lock file, thereby gaining exclusive rights to modify the /etc/passwd or /etc/shadow password database. See
passwd(4) and shadow(4). Upon completing modifications, a process should release the lock on the lock file using ulckpwdf(). This mechanism
prevents simultaneous modification of the password databases. The lock file, /etc/.pwd.lock, is used to coordinate modification access to
the password databases /etc/passwd and /etc/shadow.
RETURN VALUES
If lckpwdf() is successful in locking the file within 15 seconds, it returns 0. If unsuccessful (for example, /etc/.pwd.lock is already
locked), it returns -1.
If ulckpwdf() is successful in unlocking the file /etc/.pwd.lock, it returns 0. If unsuccessful (for example, /etc/.pwd.lock is already
unlocked), it returns -1.
USAGE
These routines are for internal use only; compatibility is not guaranteed.
FILES
/etc/passwd password database
/etc/shadow shadow password database
/etc/.pwd.lock lock file
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|MT-Level |MT-Safe |
+-----------------------------+-----------------------------+
SEE ALSO getpwnam(3C), getspnam(3C), passwd(4), shadow(4), attributes(5)SunOS 5.11 29 Dec 1996 lckpwdf(3C)