On Wed, 10 Dec 2008, Dan Nelson wrote:
In the last episode (Dec 10), Dan Mahoney, System Admin said:
I'm noticing that when following the directions given here:
For how to disable logins, the recommended action is to set the shell to
However, this is sloppy as it allows the user to log in, get the
motd, do everything short of getting a shell.
I've tried starring out the password in the +::::::::: entry, (and
putting in a "bad" password, like x), and those don't seem to work.
I am still able to connect via sshd and prove that the account works.
By default, the passwd field is ignored in an NIS + or - line. It looks
like if you rebuild libc with PW_OVERRIDE_PASSWD=1, you will get the
behaviour you're looking for (see the compat_set_template function in
Okay, let's look at it from an alternate tack then -- what else renders an
Is there a pam knob to check /etc/shells? Or an sshd option?
I found these:
for a user who had a similar problem, but freebsd doesn't appear to have
the requisite module. This could also be implemented as an option to
pam_unix (which could check either /etc/shells or the NIS equivalent,
since it already has the NIS hooks.)
I'll make a separate post to -hackers requesting this.
it's probably pretty trivial to port, but I'm leery to do so not-being a
"Of course she's gonna be upset! You're dealing with a woman here Dan,
what the hell's wrong with you?"
-S. Kennedy, 11/11/01
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
email@example.com mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"