Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Security hardening for standard HP-UX users
Operating Systems HP-UX Security hardening for standard HP-UX users Post 303008195 by MadeInGermany on Tuesday 28th of November 2017 01:00:12 PM
Old 11-28-2017
Are there any processes with any of these owners?
Code:
ps -fu bin,adm,daemon,uucp,lp,hpdb

These are probably affected.
IMHO, if the login password is locked/invalid, there is not much gain in disabling the login shell.
 

5 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Security Issue with Standard Input?

Hi Gang, Running a script in AIX 5.3. Users wanted me to add a "confirm you want to run script, enter 'y' or 'n'" kind of thing... here is what I came up with: #!/bin/sh myfile=`basename "$1"` dateNow=`date "+%m.%d.%Y.%H.%M.%S"` # Get current date mydatedfile=$myfile.$dateNow... (2 Replies)
Discussion started by: yall
2 Replies

2. Solaris

Hardening Solaris

What do we need to do to harden a freshly installed solaris OS? like disable telnet, no ftp for root etc...What all services you need to stop? How to check what ports are open? etc etc....please provide all tips that come to your mind...thanks:) (5 Replies)
Discussion started by: rcmrulzz
5 Replies

3. Shell Programming and Scripting

standard error to standard out question

Hi there how can i get the result of a command to not give me its error. For example, on certain systems the 'zfs' command below is not available, but this is fine becaues I am testing against $? so i dont want to see the message " command not found" Ive tried outputting to /dev/null 2>&1 to no... (5 Replies)
Discussion started by: hcclnoodles
5 Replies

4. UNIX for Dummies Questions & Answers

Redirect Standard output and standard error into spreadsheet

Hey, I'm completely new at this and I was wondering if there is a way that I would be able to redirect the log files in a directories standard output and standard error into and excel spreadsheet in anyway? Please remember don't use too advanced of terminology as I just started using shell... (6 Replies)
Discussion started by: killaram
6 Replies

5. UNIX for Dummies Questions & Answers

Pop the users one by one in sudo cat /etc/security/user

Hi Everyone, When I runthe query in ssh shell sudo cat /etc/security/user , I see half of the users cut down from the display screen. what I want to do is using the somthing like "pop" that when I hit the enter key every time the screen should move to the next user? does some one has any idea how... (4 Replies)
Discussion started by: starter2011
4 Replies

LEARN ABOUT HPUX

chsh

chsh(1) 						      General Commands Manual							   chsh(1)

NAME

       chsh - change default login shell

SYNOPSIS

       login-name [shell]

       login-name [shell]

       login-name [shell]

       login-name [shell]

DESCRIPTION

       The command changes the login-shell for a user's login name in the repository (see passwd(1)).

       The  DCE  repository is only available if Integrated Login has been configured; see auth.adm(1M).  If Integrated Login has been configured,
       other considerations apply.  A user with appropriate DCE privileges is capable of modifying a user's shell;  this  is  not  dependent  upon
       superuser privileges.

       If the repository is not specified (as in [login-name]), the login shell is changed in the file only.

       Run after running to make sure the information was processed correctly.

   Notes
       The  command  is  a hard link to the command. When is executed, actually the command gets executed with appropriate arguments to change the
       user login shell in the repository specified in command line. If no repository is specified, the login shell is changed in the file.

   Arguments
	      login-name  A login name of a user.

	      shell	  The absolute path name of a shell.  If the file exists, the new login shell must be listed in that file.  Otherwise, you
			  can specify one of the standard shells listed in the getusershell(3C) manual entry.  If shell is omitted, it defaults to
			  the POSIX shell,

   Options
       The following option is recognized:

	      Specify the repository to which the operation is to be applied.
		     Supported repositories include and

   Security Restrictions
       You must have appropriate privileges to use the optional login-name argument to change another user's login shell.

NETWORKING FEATURES

   NFS
       File can be implemented as a Network Information Service (NIS) database.

EXAMPLES

       To change the login shell for user to the default:

       To change the login shell for user to the C shell:

       To change the login shell for user to the Korn shell in the DCE registry:

WARNINGS

       If two or more users try to write the file at the same time, a passwd locking mechanism was devised.  If this locking  fails  after  subse-
       quent retrying, terminates.

AUTHOR

       was developed by HP and the University of California, Berkeley.

FILES

SEE ALSO

       chfn(1), csh(1), ksh(1), passwd(1), sh(1), sh-posix(1), getusershell(3C), pam(3), passwd(4), shells(4).

																	   chsh(1)
All times are GMT -4. The time now is 04:27 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy