- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Block system account
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-07-2010 08:01 PM
тАО12-07-2010 08:01 PM
nuucp
smmsp
listen
gdm
webservd
nobody
noaccess
nobody4
adm
ip
uucp
How to disable or assign /dev/null to all of the above accounts?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-07-2010 08:07 PM
тАО12-07-2010 08:07 PM
Re: Block system account
usermod -s /dev/null
Shibin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-07-2010 09:04 PM
тАО12-07-2010 09:04 PM
Re: Block system account
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-07-2010 09:51 PM
тАО12-07-2010 09:51 PM
Re: Block system account
It will only be successful, if user is not logged in the system.
Alternatively, you can do vipw and change the shell to /dev/null .
When you logged in, in simple explanation, you can run / execute commands or can login, because you have valid shell. If you don't have valid shell, it won't be able to login.
Shibin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-07-2010 10:18 PM
тАО12-07-2010 10:18 PM
Re: Block system account
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-08-2010 04:27 AM
тАО12-08-2010 04:27 AM
Re: Block system account
# passwd -sa
Shows you the system logins and their status where LK = locked. These logins will have an invalid password so they can never be used as a login. Your list includes a few other logins like nobody4 so report the status with:
passwd -s nobody4
DO NOT enable system logins or change the shell or home directory. They are created for system usage and are never used as normal logins. That's why they in the LK state.
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-10-2010 01:19 AM
тАО12-10-2010 01:19 AM
Re: Block system account
I have run the command and the result as below:
root PS
daemon LK
bin LK
sys LK
adm LK
uucp LK
lp LK
nuucp LK
hpdb LK
nobody LK
www LK
smbnull LK
sshd LK
iwww LK
owww LK
hpsmh LK
dpadmin LK
opc_op LK
Confirm all the System id were locked. It was raised because recently there was
penetration test carried out by external vendor and they purpose of assigning
/dev/null for these system acct to ensure this acct not being use by unauthorized person
(in case no password is set for the account) and also as a backdoor login for
a hacker (in case of system break ├в in).
(They called this sys account). Any diff between system account and user id?
We are not sure the impact and in any case if we want to revert back.
So BIll as your advise it is not recommended to assign /dev/null because we
should not change the shell for this userid?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-10-2010 10:11 AM
тАО12-10-2010 10:11 AM
Re: Block system account
Most of these are accounts that are "priveleged" for subsystems within the operating system. They are used to support system applications and are also called as pseudo accounts. However, the nobody user access can be restricted by giving a UID of -1. When you talk about optional network features, /etc/protocols is owned by bin. Your /etc/services is owned by bin! You want to assign /dev/null to all these accounts? If certain pseudo accounts don't function the way they are supposed to , they will not support your system applications in the way they were supposed to.
Regards
Ismail Azad
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-10-2010 01:08 PM
тАО12-10-2010 01:08 PM
SolutionThe vendor appears to be only slightly familiar with Unix. It is impossible to login to a locked account. There is no password that will allow access in HP-UX. You can tell your manager that you'll follow their recommendations but before you do, the vendor must sign a paper accepting responsibility for downtime and troubleshooting time to repair problems that may occur. Usually this sort of agreement will cause the vendor to retract their recommendation.
Bill Hassell, sysadmin