- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Allow Only Super-User To Change Password
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-23-2009 01:14 PM
тАО02-23-2009 01:14 PM
But when I change the password with the command "passwd user", it reverts back to the 'Normal Behaviour' option.
I'm on HP-UX 11.11. My system is not trusted
Thanks in advance
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-23-2009 01:23 PM
тАО02-23-2009 01:23 PM
Re: Allow Only Super-User To Change Password
http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1314064
why would you want to do such a thing? not only does it cause a security breach, it makes more work for somebody.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-23-2009 01:57 PM
тАО02-23-2009 01:57 PM
SolutionYou can "fix" this by using vipw(1m) by adding ",./" to the end of the passwd field. I have no idea why there isn't an option in passwd(1) to do that.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-23-2009 03:38 PM
тАО02-23-2009 03:38 PM
Re: Allow Only Super-User To Change Password
Could you help me how to add those characters using a script ?
This is due to I must do the change for multiple users and periodically
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-24-2009 08:07 PM
тАО02-24-2009 08:07 PM
Re: Allow Only Super-User To Change Password
>Could you help me how to add those characters using a script?
This would be very dangerous if anything goes wrong. Do you want to add them to any entry in /etc/passwd, or to all but certain ones?
awk -F: '
BEGIN { OFS = ":" }
{
password = $2
if ($1 != "root" && $1 != "+" &&
password != "*" && index(password, ",") == 0) {
password = password ",./"
}
print $1, password, $3, $4, $5, $6, $7
} ' /etc/passwd > passwd.new
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-25-2009 07:47 AM
тАО02-25-2009 07:47 AM
Re: Allow Only Super-User To Change Password
I need to add the characters ",./" to the accounts based on a file. For example, if this file is called accounts.txt (aprox. 20 lines):
user1
user2
..
user20
Then I want to add the characters to accounts user1, user2,..user20.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-25-2009 07:44 PM
тАО02-25-2009 07:44 PM
Re: Allow Only Super-User To Change Password
Assuming the name is user_file:
awk -F: -vusers=user_file '
BEGIN {
while (getline < users > 0)
name[$0] = 1 # save for checking
close(users)
OFS = ":"
}
{
password = $2
if ($1 != "root" && $1 != "+" &&
password != "*" && index(password, ",") == 0 && name[$1]) {
password = password ",./"
}
print $1, password, $3, $4, $5, $6, $7
} ' /etc/passwd > passwd.new
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-25-2009 08:41 PM
тАО02-25-2009 08:41 PM
Re: Allow Only Super-User To Change Password
Are you trying to justify your job?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-25-2009 09:11 PM
тАО02-25-2009 09:11 PM
Re: Allow Only Super-User To Change Password
A friend of mine worked for a major bank here in Australia last year. She told me that one
of the world-largest outsourcing companies
charged bank around 400 Australian dollars for every password reset :)
Nice and easy money. And "very hard earned".
Cheers,
VK2COT
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-25-2009 09:20 PM
тАО02-25-2009 09:20 PM
Re: Allow Only Super-User To Change Password
Actually, users (he or she) don't log on Unix. The connection is done by applications, not directly by users. These users have access to certains parts of the applications according your job nature and logged with a personal account.
For audit reasons, the Unix password must be changed periodically, and only the superuser should be able to do it
Dennis, Thank you very much for your help.