topic Re: passwd in Operating System - HP-UX

passwd

Mike Burk — Mon, 27 Aug 2001 17:18:07 GMT

How do I restrict users from changing their password?

Thanks,

Mike

Re: passwd

G.Kumar — Mon, 27 Aug 2001 17:31:30 GMT

You can use SAM to modify user passwd options
select passwd change only by superuser

Re: passwd

Jay Newman — Mon, 27 Aug 2001 17:51:44 GMT

I will assume that your users do not have superuser access.
If you want the easy way out, run SAM, modify a user, go to "modify password options" and set it to "Allow only Super-User To Change Password".
There may be a command line syntax to accomplish the same task, but this should do the job for you unless you have a large user base and are trying to write it into a script.
HTH

Re: passwd

Mike Burk — Mon, 27 Aug 2001 18:19:12 GMT

My systems has been converted to a "Trusted System". The option in SAM is no longer available. Now how do I do it?

Re: passwd

linuxfan — Mon, 27 Aug 2001 18:41:41 GMT

Hi Mike,

/usr/bin/passwd and /sbin/passwd are normally a suid exectables, change the permission to 555 or even better 550, then any non-root user cannot execute passwd.

-HTH
Ramesh

Re: passwd

Bill Thorsteinson — Mon, 27 Aug 2001 21:08:09 GMT

If you don't want to prevent all non-root users from
changing their password you can create a group
which has access to password change uility.

add a new group for passwd,
chmod the passwd exculables to 550 (chmod o-rx)
change the group to the password group (chgrp passwd)
add users you want to be able to change their
passwords to the passwd group.