02-20-2016
Login cancellation question
Purely out of curiosity, but what would happen in all accounts were locked out from being able to be logged in to?? The root account, on most unix-based systems, is locked by default. What if all other login-enabled accounts were changed to be login-disabled?? If such a thing were possible, would there be a possibility of using some way to gain control over the system without being able to login?? Or would the system and its contents be inaccessible?? This is pure curiosity. Obviously, I would never do this if it were possible.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Why, when you type in an obviously invalid login, does UNIX give you an opportunity to type in a password? Is it a security thing? (1 Reply)
Discussion started by: grassaj
1 Replies
2. UNIX for Dummies Questions & Answers
Hi all
I am administering Linux boxes (running rehat linux 7.3 and 8.0).
The other day I tried to ssh from 1 linux box to the other. I was root on the client box. Surprisingly, I could login as root into the host after giving the password!! I am unable to get root login from a SSH client... (2 Replies)
Discussion started by: skotapal
2 Replies
3. UNIX for Dummies Questions & Answers
hi all,
what file(s) needs to be changed and in what way in order to do the following:
when user A logs onto freebsd 4.8 automaticaly he needs to start up a script a made that executes:
sets ltp0 in polling mode,
executes tn5250 keyboard mapping
starts tn5250 with the correct parameters.
... (2 Replies)
Discussion started by: termiEEE
2 Replies
4. Shell Programming and Scripting
I have been searching how to do this and haven't been able to make it work. When I login to our Unix machine running SunOS 5.8 it automatically starts in csh but I want bash. I don't have access to chsh or password commands so I guess I need to change .profile or .login or .cshrc? Which one and... (2 Replies)
Discussion started by: blackw
2 Replies
5. Solaris
I post this question because it seems that no many people will knows about this. I hope to meet some real guru to help me out. Here is the question:
I isntalled solaris 10 on Sun sparc 64 bit machine. I can login as root user through GUI or console. After I created an Oracle user, I only can... (1 Reply)
Discussion started by: duke0001
1 Replies
6. UNIX for Advanced & Expert Users
I post this question because it seems that no many people will knows about this. I hope to meet some real guru to help me out. Here is the question:
I isntalled solaris 10 on Sun sparc 64 bit machine. I can login as root user through GUI or console. After I created an Oracle user, I only can... (2 Replies)
Discussion started by: duke0001
2 Replies
7. UNIX for Dummies Questions & Answers
Hey everyone,
I'am a little new here and experincing Unix for the first time. I was wondering if somone could help me with this question i'am a bit stuck on
Looking at the content of .profile login script
The .profile file is in your login directory. It is a startup script file... (1 Reply)
Discussion started by: worldsoutro
1 Replies
8. Red Hat
hi Guys , I m completely new to this environment.
I m working in linux gnu operating type.
I have root user access to this machine and i have created a user named scott using useradd command then set its password using passwd command.
Now my problem is i m not able to loggin using this new... (4 Replies)
Discussion started by: pinga123
4 Replies
9. Shell Programming and Scripting
Hi all,
I am OpenBSD newbie and currently need to manage some OpenBSD firewalls running pf. The OpenBSD version is 4.8
As the other sys admins are not so familiar with OpenBSD, so I have an idea across in my mind on how to minimize the root account usage and other unnecessary access and make... (9 Replies)
Discussion started by: lcxpics
9 Replies
10. Solaris
Hi Folks,
I am studying for my 1z0-821 exam and I would like to clarify an answer to the following question :
You have a ticket from a new user on the system, indicating that he cannot log in to his account.
The information in the ticket gives you both the username and password. The ticket... (2 Replies)
Discussion started by: Ravneet_Pal
2 Replies
LEARN ABOUT OPENSOLARIS
pam_unix_account
pam_unix_account(5) Standards, Environments, and Macros pam_unix_account(5)
NAME
pam_unix_account - PAM account management module for UNIX
SYNOPSIS
pam_unix_account.so.1
DESCRIPTION
pam_unix_account module implements pam_sm_acct_mgmt(), which provides functionality to the PAM account management stack. The module pro-
vides functions to validate that the user's account is not locked or expired and that the user's password does not need to be changed. The
module retrieves account information from the configured databases in nsswitch.conf(4).
The following options can be passed to the module:
debug syslog(3C) debugging information at the LOG_DEBUG level
nowarn Turn off warning messages
server_policy If the account authority for the user, as specified by PAM_USER, is a server, do not apply the Unix policy from the passwd
entry in the name service switch.
ERRORS
The following values are returned:
PAM_UNIX_ACCOUNT User account has expired
PAM_AUTHTOK_EXPIRED Password expired and no longer usable
PAM_BUF_ERR Memory buffer error
PAM_IGNORE Ignore module, not participating in result
PAM_NEW_AUTHTOK_REQD Obtain new authentication token from the user
PAM_PERM_DENIED The account is locked or has been inactive for too long
PAM_SERVICE_ERR Error in underlying service module
PAM_SUCCESS The account is valid for use at this time
PAM_USER_UNKNOWN No account is present for the user
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
|MT Level |MT-Safe with exceptions |
+-----------------------------+-----------------------------+
SEE ALSO
pam(3PAM), pam_authenticate(3PAM), syslog(3C), libpam(3LIB), pam.conf(4), nsswitch.conf(4), attributes(5)
NOTES
The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle.
Attempts to validate locked accounts are logged via syslog(3C) to the LOG_AUTH facility with a LOG_NOTICE severity.
SunOS 5.11 14 Feb 2005 pam_unix_account(5)