HPE Community
Operating System - HP-UX
1835133 Members
2731 Online
110076 Solutions
New Discussion

passwd

 
SOLVED
Go to solution
Mike Burk
Advisor

‎08-27-2001 10:18 AM

‎08-27-2001 10:18 AM

passwd

How do I restrict users from changing their password?

Thanks,

Mike
0 Kudos
Reply
5 REPLIES 5
G.Kumar
Frequent Advisor

‎08-27-2001 10:31 AM

‎08-27-2001 10:31 AM

Solution

Re: passwd

You can use SAM to modify user passwd options
select passwd change only by superuser

Reply
Jay Newman
Frequent Advisor

‎08-27-2001 10:51 AM

‎08-27-2001 10:51 AM

Re: passwd

I will assume that your users do not have superuser access.
If you want the easy way out, run SAM, modify a user, go to "modify password options" and set it to "Allow only Super-User To Change Password".
There may be a command line syntax to accomplish the same task, but this should do the job for you unless you have a large user base and are trying to write it into a script.
HTH
"Success is defined by getting up one more time than you fall down."
0 Kudos
Reply
Mike Burk
Advisor

‎08-27-2001 11:19 AM

‎08-27-2001 11:19 AM

Re: passwd

My systems has been converted to a "Trusted System". The option in SAM is no longer available. Now how do I do it?
0 Kudos
Reply
linuxfan
Honored Contributor

‎08-27-2001 11:41 AM

‎08-27-2001 11:41 AM

Re: passwd

Hi Mike,

/usr/bin/passwd and /sbin/passwd are normally a suid exectables, change the permission to 555 or even better 550, then any non-root user cannot execute passwd.

-HTH
Ramesh
They think they know but don't. At least I know I don't know - Socrates
Reply
Bill Thorsteinson
Honored Contributor

‎08-27-2001 02:08 PM

‎08-27-2001 02:08 PM

Re: passwd

If you don't want to prevent all non-root users from
changing their password you can create a group
which has access to password change uility.

add a new group for passwd,
chmod the passwd exculables to 550 (chmod o-rx)
change the group to the password group (chgrp passwd)
add users you want to be able to change their
passwords to the passwd group.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.