[100782] in RedHat Linux List
Re: Deleting shells for users
daemon@ATHENA.MIT.EDU (Kevin Smith)
Mon Nov 23 10:42:49 1998
Date: Mon, 23 Nov 1998 09:46:49 -0600 (EST)
From: Kevin Smith <kevin@mtsu.edu>
To: Ed Lawson <elawson@lr.net>
cc: "redhat-list@redhat.com" <redhat-list@redhat.com>,
recipient list not shown: ;
In-Reply-To: <19981123144143.AAA26952@office4.office.new>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
On Mon, 23 Nov 1998, Ed Lawson wrote:
> I have several users added to a RH 5.0 machine so they can get their email from IMAP. However, I want
> to change their accounts so they cannot access the machine. In other words, they get no shell if they log in.
> What is the best way to do this? I need to be able to do this from the command line as the GUI
> tools are not available. What needs to be used as a replacement for the standard shell in each users entry.
> TIA
Step 1: add "/bin/notelnet" to the end of /etc/shells
Step 2: make you a /bin/notelnet binary that displays an appropriate
message to the user... i have included a sample below...
Step 3: given USERNAME, use: /usr/sbin/usermod -s /bin/notelnet USERNAME
--- cut here: begin notelnet.c ---
#include <stdio.h>
int main() {
printf("This account does not have telnet access\n");
return(0);
}
--- cut here: end notelnet.c ---
Save the above snipet to notelnet.c, then compile with
"gcc -s -O3 notelnet.c -o /bin/notelnet"
This will prevent the user from telnet access, but you will
have to make sure that your ftp server (if you run one) knows
that /bin/notelnet is not a valid shell, and to not allow the
user to login...
-----
Kevin Smith
kevin@mtsu.edu
Department chairmen never die, they just lose their faculties.
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-list-request@redhat.com with
"unsubscribe" as the Subject.
