|
Next: Backups Up: Managing user accounts Previous: Removing a user
Disabling a user temporarilyIt is sometimes necessary to temporarily disable an account, without removing it. For example, the user might not have paid his fees, or the system administrator may suspect that a cracker has got the password of that account. The best way to disable an account is to change its shell into a special program that just prints a message. This way, whoever tries to log into the account, will fail, and will know why. The message can tell the user to contact the system administrator so that any problems may be dealt with. It would also be possible to change the username or password to something else, but then the user won't know what is going on. Confused users mean more work. A simple way to create the special programs is to write `tail scripts': #!/usr/bin/tail +2 This account has been closed due to a security breach. Please call 555-1234 and wait for the men in black to arrive.The first two characters (` #! ') tell the kernel that
the rest of the line is a command that needs to be run to
interpret this file. The tail command in this case
outputs everything except the first line to the standard
output.
If billg is suspected of a security breach, the system administrator would do something like this: The purpose of the su is to test that the change worked, of course. Tail scripts should be kept in a separate directory, so that their names don't interfere with normal user commands.
Lars Wirzenius Sat Nov 15 02:32:11 EET 1997 |
|||||||||||||||||
With any suggestions or questions please feel free to contact us |