- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Disable system userid???
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-22-2010 06:03 PM
тАО09-22-2010 06:03 PM
Disable system userid???
The auditor requested us to disable or remove the access to the shell for the following users:
1. bin
2. daemon
3. sys
4. uucp
5. ip
6. nuucp
Can I do that and how? will it be affecting the system after i dsiable these users?
Thanks for your advices.
Regards,
Oee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-22-2010 06:40 PM
тАО09-22-2010 06:40 PM
Re: Disable system userid???
Will lock the user's login.
All the logins in your list are usually locked by default.
passwd -s
I've no experience of what might break if you change the default shell for these admin type users. But you could experiment if you have a suitable test platform - be prepared to boot to single user if it gets out of hand.
uucp and nuucp usually have a special shell /usr/lbin/uucp/uucico; so it may not be a good idea to mess with them if you use uucp (does anyone still use uucp?)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-22-2010 07:10 PM
тАО09-22-2010 07:10 PM
Re: Disable system userid???
These are special user IDs and no one will ever login to them. But they represent system ownership of specific files. Removing them may be detrimental to your system.
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-22-2010 10:01 PM
тАО09-22-2010 10:01 PM
Re: Disable system userid???
please dont remove or disable these system generated users.
for the audit point of view these user accounts increase the likelihood of compromise by providing attackers with more user accounts to check for security holes.
Better idea to change their login shell by /usr/bin/false or /dev/null or /bin/false and finally cross check /etc/passwd file for changes. Now these users will not be able to get any shell in the system for normal operation.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-22-2010 11:10 PM
тАО09-22-2010 11:10 PM
Re: Disable system userid???
# passwd -a -s
Thus who is locked or PS (PS means normal pwd account) will be shown.