From: Peter H. <pet...@hu...> - 2002-07-31 15:10:44
|
>>Hello all! >> >>I finally got SM going and now I have a question. How you you guys >> handle passwords with this? I am just now setting up a box and don't >> really want my users logging on and having shell access. Is there a >> way (DOS Script?) to do this remotely? >> > Yes there is. > In /etc/passwd, change the user shells from /bin/bash to /bin/nologin. > then make a file called /bin/nologin, and put this in it: > > #! /bin/sh > echo "Sorry, but your account is only allowed POP access to this host." > exit 1 I'd be very careful handing out this kind of advice. There are very subtle ways that shell scripts can be used against you in this sort of situation. The best policy IMO is to use whatever facility your vendor provides for this situation. For example RH provides a binary called false that is used in this case. Furthermore, since he says DOS script one might guess that he isn't running SM on a system that uses /etc/passwd anyway . . . -Peter |