Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

System shell nologin script required

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting System shell nologin script required
# 1  
Old 09-14-2017
System shell nologin script required
Hi

Part of our security audit we found that following system account's had shells configured;

Code:
sync
 halt
 shutdown

I believe this can be achieved by following commands:
Code:
chsh -s /sbin/nologin (user)

Code:
usermod -s /sbin/nologin (user)

However, I would like simple script to include these 3 account's only. Please can you advise on a simple script which can set this shell to nologin for these 3 users?

Regards
G


Moderator's Comments:
Mod Comment Please use CODE tags as required by forum rules!
Last edited by RudiC; 09-14-2017 at 12:05 PM.. Reason: Added CODE tags.
# 2  
Old 09-14-2017
Welcome to the forum.

Why a script for this one-off task?
# 3  
Old 09-14-2017
Please, try the following:
Code:
for u in sync halt shutdown; do
    usermod -s /sbin/nologin "$u"
done

# 4  
Old 09-14-2017
Hi

Yes it's a small one off task But it appears they are reluctant for having a script to do the work rather than a manual approach.

Therefore, wanted a script to do resolve the issue of having invalid shell accounts for the three accounts mentioned earlier.

Thanks,
G
Last edited by Gamma; 09-14-2017 at 01:28 PM.. Reason: Need to add more information
# 5  
Old 09-14-2017
You could probably use /bin/false if /sbin/nologin does not exist.
# 6  
Old 09-14-2017
[QUOTE=Gamma;303003499]Hi

Yes it's a small one off task But it appears they are reluctant for having a script to do the work rather than a manual approach.

Therefore, wanted a script to do resolve the issue of having invalid shell accounts for the three accounts mentioned earlier.

The other thing I forgot to add was do we need to define the "/etc/passwd" within your for loop or will that be captured?

Thanks,
Smilie
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Shell script required

Hi, I need shell script for getting the date in format from below text output IP IS 10.238.52.65 pun-ras-bng-mhs-01#show conf port 2/4 Building configuration... Current configuration: ! card ge3-4-port 2 ! port ethernet 2/4 no shutdown encapsulation dot1q (7 Replies)
Discussion started by: surender reddy
7 Replies

2. Shell Programming and Scripting

help required with shell script

Hi, My input file as follws $ cat 1.txt ------- a aa aaa 11 b bb bbb 22 I am able to extract first and last column of a given line as follows. $ nawk '{print $1}' FS= RS= 1.txt | awk '{ $NF = ""; print }' a $ nawk '{print $1}' FS= RS= 1.txt | awk '{ print $NF}' 11 however, the... (4 Replies)
Discussion started by: bala123
4 Replies

3. Shell Programming and Scripting

Shell script is required

Dear All I have a filelisting as below: abcd_20110715_0007 abcd_20110715_0010 abcd_20110716_0001 abcd_20110716_0004 abcd_20110715_0008 abcd_20110715_0011 abcd_20110716_0002 abcd_20110716_0005 abcd_20110715_0009 abcd_20110715_0012 abcd_20110716_0003 abcd_20110716_0006 ... (3 Replies)
Discussion started by: at1700
3 Replies

4. Shell Programming and Scripting

shell script required...

There are two fields actually one is server name and the other one is Time. Based on time, there are 8 columns and these will be updated with the flag 1 if at all if there is any server name. Time Server name 15 to 18 18 to 21 21 to 24 00 to 03 03 to 06 06 to 09 09 to 12 Server... (3 Replies)
Discussion started by: venkatesht
3 Replies

5. Shell Programming and Scripting

Shell script help required

Hi, Can someone help me with this small piece of code. DIRNAME=$(dirname $0) BASENAME=$(basename $0) DATA="${DIRNAME}/${BASENAME}.data" && . $DATA whats is meant by && . $DATA here... Regards, Abhishek (2 Replies)
Discussion started by: max29583
2 Replies

6. Shell Programming and Scripting

Shell Script Required

I have following information in one file. ObjID: 004ee4e4-0d92-71dd-1512-9887a1f10000 Address: 152.135.0.61 PingState: Ping Responding ----------------Management Address--------------------- ++++++++++++++++Interface+++++++++++++++++++++ IFName: dall00r1.mis.amat.com ] ObjID:... (3 Replies)
Discussion started by: ntgobinath
3 Replies

7. Shell Programming and Scripting

Shell Script Required!

Hi people, I am new to this forum. I have taken unix this semester in my college and i am new to it. I am finding shell scripting a bit hard and i need a little help. I require a shell script to delete files that end as .bak , .BAK, #, ~ and files with the name core.The Script should accept... (3 Replies)
Discussion started by: vats
3 Replies

8. Linux

shell script required

Hi, iam presenting the input text file format.Of this i need the character count of the number of characters present in each file.The attached file is a combination of 3 text file.each text file starts at record 1 - 34, then the next tetx file starts. What i need is the character count of each... (1 Reply)
Discussion started by: sethunath
1 Replies

9. AIX

aix nologin shell

is the nologin shell available in AIX 5.2? I am familiar with the nologin shell in linux and restricting shell access but still allowing ftp etc. Can this be done in AIX? I have not been able to locate any documentation. Thanks in advance (5 Replies)
Discussion started by: zuessh
5 Replies

10. Solaris

nologin shell on Solaris?

I'm setting up a Solaris 10 box to run Lawson application, which needs users to have Unix acounts, but the users will not be using interactive shell. To make it more secure, I'd rather not give them a valid shell. I know there's a trick by putting /noshell in the /etc/passwd file, but the problem... (2 Replies)
Discussion started by: GKnight
2 Replies
Login or Register to Ask a Question