On 11 September 2012 09:37, Antoine Jacoutot <ajacou...@bsdfrog.org> wrote:
> On Tue, Sep 11, 2012 at 09:33:56AM +0300, Eugene Yunak wrote:
>> On 10 September 2012 18:01, Antoine Jacoutot <ajacou...@bsdfrog.org> wrote:
>> > Hi.
>> >
>> > This diff adds 2 new options to usermod(8):
>> > -U to unlock a user's password
>> > -Z to lock a user's password
>> >
>> > In effect locking/unlocking the password means to add a '!' in front of
>> > the encrypted entry in master.passwd.
>> > Note that this disable the _password_ not the account of course (you
>> > could still connect using ssh+key for e.g.).
>> >
>> > That said, I have some use for it and would like to be able to have this
>> > if at all possible.
>> > Behavior is basically the same as Linux's usermod(8) except that I am
>> > using -Z for locking the password (-Z is for SElinux in Linux land and
>> > -L is used instead but we use it ourselves for the login class).
>> >
>> > Comments?
>>
>> Hi,
>>
>> Isn't think better placed in passwd?
>> At least Linux and Solaris (since 5.6 i believe) have this as -l and
>> -u in passwd(1),
>> so this might be a better option to keep it consistent with other
>> systems. HP-UX
>> only implements -l; I haven't checked others.
>
> It is consistent; this is how usermod works in linux as well.

Isn't it better to be consistent with most Unix systems and not just Linux?
The world is Linux-centric enough already and an OpenBSD should know it
better than anyone else ;)

>> OpenBSD passwd already uses -l to restrict passwd to local files only though 
>> so
>> you would still need to use a different letter (as you do with
>> usermod) but at least
>> passwd(1) is where most unix admins would look for this option first.
>
> This diff is for the usermod part, not passwd; both are different things.

I don't get it - how are they "different things"? Both manipulate shadow.


-- 
The best the little guy can do is what
the little guy does right

Reply via email to