What should you do?

You have a user whose account you want to disable but not remove.

What should you do?

You have a user whose account you want to disable but not remove.

What should you do?

A.
Edit /etc/gshadow and just remove his name

B.
Edit /etc/passwd and change all numbers to 0

C.
Edit /etc/shadow and remove the last field

D.
Edit /etc/passwd and insert an * after the first :

E.
Edit /etc/group file and put a # sign in front of his name

Explanation:
A,C would remove parts of the user data,
B would do something strange
E would probably result in a syntax error, you would comment only whole lines
D) does not really disable the accout, but temporarily change the password, so the user is not able to log in.

So D would be the least wrong answer.

From the man pages:
The encrypted password field may be blank, in which case no password is required to authenticate as the specified login name. However, some applications which read the /etc/passwd file may decide not to permit any access at all if the password field is blank. If the password field is a lower-case x, then the encrypted password is actually stored in the shadow(5) file instead; there must be a corresponding line in the /etc/shadow file, or else the user account is invalid. If the password field is any other string, then it will be treated as an encrypted password, as specified by crypt(3).



Leave a Reply 0

Your email address will not be published. Required fields are marked *