Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
06-01-2010, 06:46 AM
|
#1
|
|
LQ Newbie
Registered: Jun 2010
Posts: 2
Rep: 
|
User should be able to change password once in a day
Hi,
I want to do setting in RHEL5 such that user should able to change his password only once in a day.
I have changed the fourth field (i.e. minimum number of days to change) in in "/etc/shadow" file for "root" to "1". But its not working. I am able to change the password of "root" using "passwd" command.
Any one can help me out on this issue?
Thanks in advance
Thanks
Vinu
|
|
|
|
|
06-01-2010, 07:49 AM
|
#2
|
|
LQ Veteran
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Arch/XFCE
Posts: 17,797
|
You say you changed the settings for root----I think you need to change them for each user.
|
|
|
|
|
06-01-2010, 07:54 AM
|
#3
|
|
Senior Member
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 2,441
|
You won't be able to restrict root from doing anything; if you think about it, doing so could lead to some real trouble if something needs dealing with. Also, only a few people, all administrators, should have any access whatsoever to the root account; if you do have folk that require some access to some privileged commands, that's what sudo is for (minimum grants to non-root users).
Too, there really isn't much need to restricting users ability for changing their own passwords -- you may want to require periodic password changes (that's good practice), but there is no reason to not permit a user's changing their own password every hour if they feel like it (it's their password, why should anybody else give a hoot if they change it?). The root user can, at any time, change any password on the system so there really is no need to restrict users password changes.
If you have a situation where a group of users are working on a project, that's where you want to use group permissions (not group passwords though) to permit each member access to a common directory tree's content. You control who has what access by adding or deleting individual users to a group.
Hope this helps some.
|
|
|
|
|
06-02-2010, 01:51 AM
|
#4
|
|
LQ Newbie
Registered: Jun 2010
Posts: 2
Original Poster
Rep:
|
I have changed 4th field in /etc/shadow file to "1" for non-root users and its working fine.  But is there any mechanism to restrict root from changing password in one day? (i want to know this just as a curiosity)
Thanks
Vinu |
|
|
|
|
06-02-2010, 07:00 AM
|
#5
|
|
LQ Veteran
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Arch/XFCE
Posts: 17,797
|
If you can restrict root from doing something, then what user would be able to override that? Someone has to be at the top of the food chain.
|
|
|
|
|
06-02-2010, 09:00 AM
|
#6
|
|
Member
Registered: May 2006
Posts: 34
Rep: 
|
Rewrite the "passwd" source to allow only one change per day. Of course, as root, you could always revert to the original source in order to allow more than one password change per day. So, you see, it is impossible to restrict root from changing their own password.
By the way, why would you want to do this?
|
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 06:05 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
