Thanks for the quick response. I can usually count on the right answer
from others on this list _days_ before I can get an answer (not always
right) from DEC support.
Received responses from:
Anthony D'Atri <aad_at_nwnet.net>
Randall S. Winchester <rsw_at_eng.umd.edu>
Don Newcomer <newcomer_at_dickinson.edu>
Kent Arnott <karnott_at_falcon.tamucc.edu>
Todd Kover <kovert_at_umiacs.UMD.EDU>
Ilja Hallberg <hallberg_at_s3.kth.se>
David W Lloyd <dwl_at_cs.strath.ac.uk>
Phred is Dead <layher_at_grumpy.emich.edu>
Jon Buchanan <Jonathan.Buchanan_at_ska.com>
My original question was:
I would like to disable general use of the chfn command.
I tried changing its mode to 700, but that also disables the passwd command.
Has anyone out there figured this one out?
The answers were variations of this one from Todd Kover:
passwd, chfn, and chsh all invoke the same binary that behave differently
based on the name. You can unlink the chfn (and use ln to relink it later
if you so desire (see ln(1)), but users can still use a command line option
to passwd to do the same thing.
Your only choice is really to replace the passwd program with something
else.
David Lloyd gave me a quick fix:
chfn, chsh and passwd are generally hard links to the same file. If you want
to disable chfn only you could use the following:
cp chfn chfn.tmp
rm chfn
mv chfn.tmp chfn
chmod 700 chfn
I have disabled chfn as above, and am looking for new versions of passwd
as time allows. Pointers to source code would be appreciated.
Thanks again to all.
Gary W. Perkins perkins_at_meteor.uscolo.edu
University of Southern Colorado (719) 549-2566
-------------------------------------------------------------------------
Received on Mon Sep 04 1995 - 22:12:28 NZST