- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Users other than root can change their own pas...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-13-2009 09:58 PM
тАО02-13-2009 09:58 PM
Users other than root can change their own passwords
Users other than root can change their own passwords. The system is not the trusted host.
Password policy is set for the users like after 60 days the password will expire, length and special characters.
My requirement is user should not change their passwords and only root or admin user can change the password. How should I set this?
Please do suggest...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-13-2009 11:22 PM
тАО02-13-2009 11:22 PM
Re: Users other than root can change their own passwords
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-13-2009 11:29 PM
тАО02-13-2009 11:29 PM
Re: Users other than root can change their own passwords
If you really want to change the password policy, remove s-bit from the passwd command:
/usr/bin/passwd
The other way is to rename /usr/bin/passwd and to create a script /usr/bin/passwd which will check the username and call real passwd command when needed.
HTH
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-14-2009 08:47 AM
тАО02-14-2009 08:47 AM
Re: Users other than root can change their own passwords
Why on earth would you even think about doing something like this? Do you REALLY want to create more work for yourself?
Not allowing users to change their own passwords is one of the most ludicrous things I have ever heard!
That last thing **I** would want is **MORE** calls from users about passwords.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-14-2009 09:13 AM
тАО02-14-2009 09:13 AM
Re: Users other than root can change their own passwords
On top of Patrick's response, this is a weakness in the security paradigm because now two people must know a user's password. This allows the user to disavow any culpability for their actions simply by saying "wasn't me, others know my password by policy"
There are ways to enforce password complexity using either the shadow password patch (< 11.31) or trusted by examining/updating the parameters in /etc/default/security.
If password complexity is not the end goal of this policy, mayhaps you could let us know what you're trying to solve to see if there might be a better way to accomplish that.
While hopefully more tactful :) I whole heartedly agree with Patrick and strongly urge you not to implement this.
Hope that helps.
Doug O'Leary
------
Senior UNIX Admin
O'Leary Computers Inc
linkedin: http://www.linkedin.com/dkoleary
Resume: http://www.olearycomputers.com/resume.html
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-16-2009 01:22 AM
тАО02-16-2009 01:22 AM
Re: Users other than root can change their own passwords
If you realy want to do this !!!
then remove "s" bit from /usr/bin/passwd
Sani
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-16-2009 06:38 AM
тАО02-16-2009 06:38 AM
Re: Users other than root can change their own passwords
As noted above, why on earth would you want to have to do it for them???????
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-16-2009 06:56 AM
тАО02-16-2009 06:56 AM
Re: Users other than root can change their own passwords
What?!?!?!? Are you saying I'm not tactful? :)
I just call 'em as I see 'em!