Disable passwd change for user account

sodhilogin · 08-17-2004, 02:07 AM

Is it possible to disable the password change for certain common account used by many users.

Have searched a lot, but could get info only about disabling user account.

pingu · 08-17-2004, 04:33 AM

I don't know which file shoul be edited, bur Fedora has a GUI for user/group administration. Here you can lock the password.
If someone knows which file, please tell us!

sodhilogin · 08-17-2004, 06:28 AM

In RH8.0 too there is a gui for creating the user, but there is no option to block the password changing option.

Hope someone can tell the files to be changed to disable password change option.

pingu · 08-31-2004, 04:56 AM

I found it!
# usermod -L

# man usermod
"-L Lock a user's password. This puts a '!' in front of the encrypted password, effectively disabling the password. You can't use this option with -p or -U"

The main problem with reading the manual is to know what to look for! I never heard of usermod before, stumbled over it in some post about some other password-issue.

Tinkster · 08-31-2004, 05:12 AM

That is NOT what you want :)

True, it stops the user from changing his
password ... in fact, it stops him from doing
ANYTHING as he won't be able to login.

What you want is
passwd -n MIN <login-name>
which won't allow the user to change the
password for MIN days.

With MIN=10000 you'd be looking at 27 odd years
before they can change it ;)

[edit]
The fourth column of /etc/shadow holds the number
of days before the password may be changed.
man 5 shadow
for details
[/edit]

Cheers,
Tink

pingu · 08-31-2004, 07:28 AM

Ooopss....

Tinkster · 09-01-2004, 01:43 AM

And, did you actually try it? :)

Cheers,
Tink