John Sonnenschein writes:
> putting it in a separate package sufficient, or would an /etc/chsh.deny
> file be the preferred method?
Neither. I think this ought to be an authorization that can be
granted or revoked. Something like:
solaris.admin.usermgr.shell
solaris.admin.usermgr.gecos
Inventing yet another independent permissions system would be (I
think) a bad thing.
--
James Carlson, Solaris Networking <james.d.carlson at sun.com>
Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
