HPE Community
Operating System - HP-UX
1833777 Members
2234 Online
110063 Solutions
New Discussion

Re: owner account without login

 
SOLVED
Go to solution
Kwai Leung
New Member

‎08-18-2005 03:12 AM

‎08-18-2005 03:12 AM

owner account without login

Hi members,

In HP UX, is it possible to create an user account to own files but no one can login to this account manually? and how to gain access to these files, by a SUID program?

Thanks,
0 Kudos
Reply
6 REPLIES 6
Simon Hargrave
Honored Contributor

‎08-18-2005 03:14 AM

‎08-18-2005 03:14 AM

Re: owner account without login

Set the users shell in /etc/passwd to /usr/bin/false, they will then not be able to login interactively, but you can chown files to this user.
0 Kudos
Reply
Alan Meyer_4
Respected Contributor

‎08-18-2005 03:15 AM

‎08-18-2005 03:15 AM

Re: owner account without login

Yes, create the user and inside the /etc/passwd file, set the character "*" as the password. that deactivated the account but reserves the uid for process and file ownership.

You can also deactivate the account from inside SAM too.
" I may not be certified, but I am certifiable... "
0 Kudos
Reply
Devender Khatana
Honored Contributor

‎08-18-2005 03:21 AM

‎08-18-2005 03:21 AM

Re: owner account without login

Hi,

Yes it is possible by defining a /usr/bin/false shell to user in /etc/passwd file.

Use chmod to set the UID bit on the files ( If exececutable)or gain access through other users in the group by setting proper permissions for other users in group.

HTH,
Devender
Impossible itself mentions "I m possible"
Reply
DCE
Honored Contributor

‎08-18-2005 03:29 AM

‎08-18-2005 03:29 AM

Re: owner account without login

Using an asterisk in the password file disables the login, but the id has full user rights if it somehow gets enabled.

Using /usr/bin/false as the shell means that you cannot log in, but you can ftp in. If the user ftp's in - he only has access to his home directory and nothing else.
Reply
Kwai Leung
New Member

‎08-18-2005 03:43 AM

‎08-18-2005 03:43 AM

Re: owner account without login

Thank you for all responses.

If I chose to use /usr/bin/false, can this owner account be used to submit jobs via a job scheduling system such as AUTOSYS to retrieve data owned by this account?
0 Kudos
Reply
Simon Hargrave
Honored Contributor

‎08-18-2005 03:48 AM

‎08-18-2005 03:48 AM

Solution

Re: owner account without login

If the user is in /var/cron/cron.allow then yes. Jobs under cron run under /usr/bin/sh (as it says when you run crontab -e), not the default shell of the user.
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.