[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

locking/unlocking accounts with pam?



Dan Hollis wrote:
>On Tue, 20 Jan 1998, Allen Bolderoff wrote:
>> goemon@sasami.anime.net said:
>> > I'm looking at the man page for usermod on redhat 5.0 now, and i can't
>> > see anywhere that usermod allows locking/unlocking passwords. (NOTE:
>> > changing authentication methods is not the same thing as locking/
>> > unlocking a shadow password.)
>> I got the information from the redhat hurricane (5.0) list - I only remember 
>> the post by donnie barnes. but upon re-reading my archives, I found another 
>> post by Cristian Grafton saying he will fix the problem. - it relates to the 
>> shadow utils rpm BTW.
>
>As of redhat 5.1, 6 months later, passwd still cannot lock accounts.
>(And no, usermod or any of the shadow-utils cant do it either)
>
>:-(
>
>> Donnie Barnes in the list said something along the lines of expiring the 
>> account with today minus 1 day.
>
>By 'lock' I mean inserting a "!" as the first character of the password.
>To 'unlock' the password, remove the "!".
>
>Much simpler than fiddling with account expiration (especially when youre
>trying to script it! a script should not have to fiddle with calculating
>expiration dates).

I complained about this when 5.0 came out, and like you say, we were
told it would be taken care of.  Now 5.1 is out, still with no way to
lock a password.

I made a patch to usermod from shadow-utils that adds lock and unlock
options.  Look at http://ro.com/~cadams/files/shadow-980403-pwlock.patch
to get it.

I hope Red Hat includes this in the next version.
-- 
Chris Adams - cadams@ro.com
System Administrator - Renaissance Internet Services
I don't speak for anybody but myself - that's enough trouble.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []