Hi, I would suggest an alternative, using pam_access.so, which would probably still require a script or something to be executed with root privileges, but would not mess with /etc/passwd.
- enable pam_access in /etc/pam.d/common-account account required pam_access.so - edit /etc/security/access.conf example line: -:username:ALL man pages can be found here http://linux.die.net/man/8/pam_access and http://linux.die.net/man/5/access.conf The proper way to lock a user account btw would be: usermod --lock --expiredate 1 username to unlock: usermod --unlock --expiredate 99999 see also http://linux.die.net/man/8/usermod This would not only disable the password, but also prevent logins via pubkey etc. Using access.conf is much more flexible though imho. regards, Bettina Am 09.11.2012 16:45, schrieb Jan Middelkoop: > .... >> And any other ideas would be welcomed too, even including "What! Don't >> do it!". ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_nov _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
