I am trying to cleanly disable users on my system from being able to change
their GECOS field information (finger information). I have been doing some
research into it and found a couple of choices, some not good at all.
1) I can remove the siad_chg_finger entry from the matrix.conf file, but
the user get an error message stating their username is incorrect.
2) I can, and have been trying to, write a c program to strip the -f flag
from the passwd -f command and give an error message to the user stating
this function has been disable by the system administrator. But this gets
very hairy when the setreuid comes into play and I would rather not write a
program like this if it can be avoided.
What I would really like to do is get my hands on the c code for the passwd
command and see how they use the SIA library calls so I can re-write this
to ignore the -f and report to the user the disabled message.
Any information would be greatly appreciated.
****************************************************
| Brian H. Mayo | UNIX System Administrator |
| Computing Services | BRYN MAWR COLLEGE |
|++++++++++++++++++++++++++++++++++++++++++++++++++|
| brian.mayo_at_brynmawr.edu |
| Guild Hall | t:(610) 526-7972 | f:(610) 526-7432 |
| 101 North Merion Road | Bryn Mawr, Pa 19010 |
****************************************************
Received on Fri Sep 19 1997 - 19:07:14 NZST