diff options
Diffstat (limited to 'sag-0.6.1-www/sag-0.6.1.html/x2166.html')
-rw-r--r-- | sag-0.6.1-www/sag-0.6.1.html/x2166.html | 248 |
1 files changed, 248 insertions, 0 deletions
diff --git a/sag-0.6.1-www/sag-0.6.1.html/x2166.html b/sag-0.6.1-www/sag-0.6.1.html/x2166.html new file mode 100644 index 0000000..7ad2623 --- /dev/null +++ b/sag-0.6.1-www/sag-0.6.1.html/x2166.html @@ -0,0 +1,248 @@ +<!DOCTYPE HTML PUBLIC "-//Norman Walsh//DTD DocBook HTML 1.0//EN"> +<HTML +><HEAD +><TITLE +>Disabling a user temporarily</TITLE +><META +NAME="GENERATOR" +CONTENT="Modular DocBook HTML Stylesheet"><LINK +REL="HOME" +TITLE="The Linux System Administrators' Guide" +HREF="book1.html"><LINK +REL="UP" +TITLE="Managing user accounts" +HREF="c2018.html"><LINK +REL="PREVIOUS" +TITLE="Removing a user" +HREF="x2152.html"><LINK +REL="NEXT" +TITLE="Backups" +HREF="c2187.html"></HEAD +><BODY +BGCOLOR="#FFFFFF" +TEXT="#000000" +><DIV +CLASS="NAVHEADER" +><TABLE +WIDTH="100%" +BORDER="0" +CELLPADDING="0" +CELLSPACING="0" +><TR +><TH +COLSPAN="3" +ALIGN="center" +>The Linux System Administrators' Guide</TH +></TR +><TR +><TD +WIDTH="10%" +ALIGN="left" +VALIGN="bottom" +><A +HREF="x2152.html" +>Prev</A +></TD +><TD +WIDTH="80%" +ALIGN="center" +VALIGN="bottom" +>Chapter 9. Managing user accounts</TD +><TD +WIDTH="10%" +ALIGN="right" +VALIGN="bottom" +><A +HREF="c2187.html" +>Next</A +></TD +></TR +></TABLE +><HR +ALIGN="LEFT" +WIDTH="100%"></DIV +><DIV +CLASS="SECT1" +><H1 +CLASS="SECT1" +><A +NAME="AEN2166" +>Disabling a user temporarily</A +></H1 +><P +> It is sometimes necessary to temporarily disable an + account, without removing it. For example, the user might not + have paid his fees, or the system administrator may suspect that + a cracker has got the password of that account. </P +><P +> The best way to disable an account is to change its shell + into a special program that just prints a message. This way, + whoever tries to log into the account, will fail, and will + know why. The message can tell the user to contact the system + administrator so that any problems may be dealt with. </P +><P +> It would also be possible to change the username + or password to something else, but then the user + won't know what is going on. Confused users mean more + work. + + <A +NAME="AEN2171" +HREF="#FTN.AEN2171" +>[1]</A +> + + </P +><P +> A simple way to create the special programs is to write + `tail scripts': + +<PRE +CLASS="SCREEN" +>#!/usr/bin/tail +2 +This account has been closed due to a security breach. +Please call 555-1234 and wait for the men in black to arrive.</PRE +> + + The first two characters (`<TT +CLASS="LITERAL" +>#!</TT +>') tell the + kernel that the rest of the line is a command that needs to be + run to interpret this file. The <B +CLASS="COMMAND" +>tail</B +> command + in this case outputs everything except the first line to the + standard output. </P +><P +> If user billg is suspected of a security breach, + the system administrator would do something like this: + +<PRE +CLASS="SCREEN" +><TT +CLASS="PROMPT" +>#</TT +> <TT +CLASS="USERINPUT" +><B +>chsh -s /usr/local/lib/no-login/security billg</B +></TT +> +<TT +CLASS="PROMPT" +>#</TT +> <TT +CLASS="USERINPUT" +><B +>su - tester</B +></TT +> +This account has been closed due to a security breach. +Please call 555-1234 and wait for the men in black to arrive. +<TT +CLASS="PROMPT" +>#</TT +></PRE +> + + The purpose of the <B +CLASS="COMMAND" +>su</B +> is to test that the + change worked, of course. </P +><P +> Tail scripts should be kept in a separate directory, + so that their names don't interfere with normal user commands. + </P +></DIV +><H3 +>Notes</H3 +><TABLE +BORDER="0" +CLASS="FOOTNOTES" +WIDTH="100%" +><TR +><TD +ALIGN="LEFT" +VALIGN="TOP" +WIDTH="5%" +><A +NAME="FTN.AEN2171" +HREF="x2166.html#AEN2171" +>[1]</A +></TD +><TD +ALIGN="LEFT" +VALIGN="TOP" +WIDTH="95%" +><P +>But they can be <I +CLASS="EMPHASIS" +>so</I +> + fun, if you're a BOFH.</P +></TD +></TR +></TABLE +><DIV +CLASS="NAVFOOTER" +><HR +ALIGN="LEFT" +WIDTH="100%"><TABLE +WIDTH="100%" +BORDER="0" +CELLPADDING="0" +CELLSPACING="0" +><TR +><TD +WIDTH="33%" +ALIGN="left" +VALIGN="top" +><A +HREF="x2152.html" +>Prev</A +></TD +><TD +WIDTH="34%" +ALIGN="center" +VALIGN="top" +><A +HREF="book1.html" +>Home</A +></TD +><TD +WIDTH="33%" +ALIGN="right" +VALIGN="top" +><A +HREF="c2187.html" +>Next</A +></TD +></TR +><TR +><TD +WIDTH="33%" +ALIGN="left" +VALIGN="top" +>Removing a user</TD +><TD +WIDTH="34%" +ALIGN="center" +VALIGN="top" +><A +HREF="c2018.html" +>Up</A +></TD +><TD +WIDTH="33%" +ALIGN="right" +VALIGN="top" +>Backups</TD +></TR +></TABLE +></DIV +></BODY +></HTML +>
\ No newline at end of file |