[99725] in RedHat Linux List
Re: radius (was: Re: Keeping certain users out....)
daemon@ATHENA.MIT.EDU (Jeff Sharpe)
Mon Nov 16 18:37:53 1998
Date: Mon, 16 Nov 1998 15:35:43 -0800
From: Jeff Sharpe <jeff@sfg.com>
Reply-To: jeff@3-c.net
To: redhat-list@redhat.com
X-MDaemon-Deliver-To: redhat-list@redhat.com
Resent-From: redhat-list@redhat.com
Ramon Gandia wrote:
>
> Look in /bin, and see if "false" is there. I.e., /bin/false.
> In my case, /bin/false existed, but was not listed in /etc/shells.
> If you have /bin/false, just add it to /etc/shells.
>
> Likewise, you can add the /usr/bin/whatever to /etc/shells so
> it runs when a user authenticates. It takes a REAL shell before
> he can DO anything. /bin/false will merely exit him.
>
> There is no magic on /bin/false. See my prior post. You could
> have a 0 byte file there and it should work. Or something that
> prints a nasty message to HIM, like "You do not have a shell
> account on this computer."
Or... simply create a shell script and place it in the /etc/passwd file
per user (of course).
Example:
#!/bin/sh
/bin/echo Your blacklisted bud... try another system!
/bin/echo In other words, bugger off. :-)
/usr/bin/sleep 10
More examples and managing accounts can be found in the highly
recommended O'Reilly book, Practical Unix & Internet Security.
Just another option...
J
--
Jeff Sharpe
Senior Developer, SFG Tech.
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-list-request@redhat.com with
"unsubscribe" as the Subject.
