>
> After we upgraded to DU 4.0b we have problems with removeuser and C2 security.
> Removeruser doesn't remove the user in the protected database, only in the
> /etc/password ... it is necessary to run the new "/usr/tcb/bin/convuser
> -d username" utility by hand to remove the user from the protected datebase.
It seems to be a known bug in 4.0b, you have to modify the /usr/sbin/adduser
script. This is well described by Richard Rogers:
>> Yes, you're right about this. I've just managed to cure it by moving the
>> lines in the removeuser script that rebuild the passwd file from just below
>> the convuser -dq command to just above. The convuser -d command only removes
>> the tcb file if there is no BASE entry for the user, and this is evidently
>> taken to include an entry in the passwd.dir/passwd.pag files, rather than
>> just an entry in the plain passwd file, which has been removed by this time.
>>
>> Richard
Thanks to
Randy Hayman, haymanr_at_icefog.alaska.edu
Andrew Moar, A.Moar_at_latrobe.edu.au
Richard Rogers, ittrmr_at_staffs.ac.uk
Sorry for late summary.
Ena
Received on Tue May 27 1997 - 13:49:34 NZST