You have a user whose account you want to disable but not remove.
What should you do?
A.
Edit /etc/gshadow and just remove his name
B.
Edit /etc/passwd and change all numbers to 0
C.
Edit /etc/shadow and remove the last field
D.
Edit /etc/passwd and insert an * after the first :
E.
Edit /etc/group file and put a # sign in front of his name
Explanation:
A,C would remove parts of the user data,
B would do something strange
E would probably result in a syntax error, you would comment only whole lines
D) does not really disable the accout, but temporarily change the password, so the user is not able to log in.So D would be the least wrong answer.
From the man pages:
The encrypted password field may be blank, in which case no password is required to authenticate as the specified login name. However, some applications which read the /etc/passwd file may decide not to permit any access at all if the password field is blank. If the password field is a lower-case x, then the encrypted password is actually stored in the shadow(5) file instead; there must be a corresponding line in the /etc/shadow file, or else the user account is invalid. If the password field is any other string, then it will be treated as an encrypted password, as specified by crypt(3).