root will still be able to su to the user. A test would be to su to a user that does not have root access - and try to su - to the locked user.
If you want to completely disable the account, change the default shell to /bin/false. This is a shell that doesn't exist, so will not allow root to su to it.
Code:
usermod -s /bin/false username
*LK* belongs in the second field, but again, you SHOULD NOT manually manipulate this file.
Last edited by avronius; 09-15-2008 at 02:40 PM..
Reason: added some clarity
how can I lock my keyboard while I'm away from the computer without using lock command. What other commands gives me the option to lock keyboard device?
thanks (7 Replies)
I have access to 15+ UNIX boxes at work, and I do not consistently log onto all of them over time. When I do try to access one I havent been on in awhile, my account is locked as the password has expired.
I need to request to the UNIX SA's that the password expiration is 90 days and that if it... (1 Reply)
Hi ,
I am faceing lot of problem due to "disk space is not enough".
senerio is like as,
In system has 5 account.
a,b,c,d,e
say account c if very critical.
Due to other user's data, user 'c' is faceing disk space issue.
I want to dedicate 3 GB for user 'c'.
No user... (1 Reply)
Hello all,
If anyone has time, I have a few questions:
How do I do the following in Linux. We are using Red Hat and Oracle Enterprise Linux, which is based on Red Hat too.
1. How to lock the account after a few (like 3) invalid password attempts?
2. How do you lock a screen after 30... (1 Reply)
Hi all,
I am having some issues with openssh vers OpenSSH_4.6p1 on SCO unixware 7.1.4
when a user accesses the system via ssh and the password is incorrect and more attempts have been made that the lock out limit I find that although there are messages in the syslog the account does not lock... (0 Replies)
Hi all,
I have to test some user priviliges. The goal is to be sure that an unauthorized user can't restart some modules (ssh, mysql etc...).
I'm trying to automate it with a shell script but in same cases I got the syslog broadcast message.
Is there any way to simply get a return code... (3 Replies)
I have made password less connection to my remote account. and i tried to execute commands at a time. but i am unable to execute the commands.
ssh $ACCOUNT_DETAILS@$HOST_DETAILS
cd ~/JEE/*/logs/ (1 Reply)
Discussion started by: kishored005
1 Replies
LEARN ABOUT SUSE
userdel
userdel(8) System Manager's Manual userdel(8)NAME
userdel - delete an user account
SYNOPSIS
userdel [-D binddn] [-P path] [-r[-f]]
[--service service] [--help] [-u] [-v] account
DESCRIPTION
userdel deletes an user account from the local system files or a LDAP database and removes all entries that refer to account from the group
database. Before the account is removed, the USERDEL_PRECMD command as defined in login.defs(5) is called, after removal the
USERDEL_POSTCMD command is called.
OPTIONS -r, --remove-home
Remove the whole home directory and the mail spool of the specified account. Files located in other directories will have to be
searched for and deleted manually.
-f, --force
This option is used to force the removal of files, even if not owned by the account.
--service service
Add the account to a special directory. The default is files, but ldap is also valid.
-D, --binddn binddn
Use the Distinguished Name binddn to bind to the LDAP directory. The user will be prompted for a password for simple authentica-
tion.
-P, --path path
The passwd and shadow files are located below the specified directory path. chpasswd will use this files, not /etc/passwd and
/etc/shadow.
--help Print a list of valid options with a short description.
-u, --usage
Print a short list of valid options.
-v, --version
Print the version number and exit.
FILES
passwd - user account information
shadow - shadow user account information
group - group information
SEE ALSO passwd(1), login.defs(5), passwd(5), shadow(5), useradd(8), usermod(8)AUTHOR
Thorsten Kukuk <kukuk@suse.de>
pwdutils October 2003 userdel(8)