LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 06-01-2010, 06:46 AM   #1
vinuss
LQ Newbie
 
Registered: Jun 2010
Posts: 2

Rep: Reputation: 0
User should be able to change password once in a day


Hi,
I want to do setting in RHEL5 such that user should able to change his password only once in a day.
I have changed the fourth field (i.e. minimum number of days to change) in in "/etc/shadow" file for "root" to "1". But its not working. I am able to change the password of "root" using "passwd" command.
Any one can help me out on this issue?
Thanks in advance

Thanks
Vinu
 
Old 06-01-2010, 07:49 AM   #2
pixellany
LQ Veteran
 
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Arch/XFCE
Posts: 17,802

Rep: Reputation: 728Reputation: 728Reputation: 728Reputation: 728Reputation: 728Reputation: 728Reputation: 728
You say you changed the settings for root----I think you need to change them for each user.
 
Old 06-01-2010, 07:54 AM   #3
tronayne
Senior Member
 
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 2,993

Rep: Reputation: 737Reputation: 737Reputation: 737Reputation: 737Reputation: 737Reputation: 737Reputation: 737
You won't be able to restrict root from doing anything; if you think about it, doing so could lead to some real trouble if something needs dealing with. Also, only a few people, all administrators, should have any access whatsoever to the root account; if you do have folk that require some access to some privileged commands, that's what sudo is for (minimum grants to non-root users).

Too, there really isn't much need to restricting users ability for changing their own passwords -- you may want to require periodic password changes (that's good practice), but there is no reason to not permit a user's changing their own password every hour if they feel like it (it's their password, why should anybody else give a hoot if they change it?). The root user can, at any time, change any password on the system so there really is no need to restrict users password changes.

If you have a situation where a group of users are working on a project, that's where you want to use group permissions (not group passwords though) to permit each member access to a common directory tree's content. You control who has what access by adding or deleting individual users to a group.

Hope this helps some.
 
Old 06-02-2010, 01:51 AM   #4
vinuss
LQ Newbie
 
Registered: Jun 2010
Posts: 2

Original Poster
Rep: Reputation: 0
I have changed 4th field in /etc/shadow file to "1" for non-root users and its working fine. But is there any mechanism to restrict root from changing password in one day? (i want to know this just as a curiosity)

Thanks
Vinu
 
Old 06-02-2010, 07:00 AM   #5
pixellany
LQ Veteran
 
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Arch/XFCE
Posts: 17,802

Rep: Reputation: 728Reputation: 728Reputation: 728Reputation: 728Reputation: 728Reputation: 728Reputation: 728
If you can restrict root from doing something, then what user would be able to override that? Someone has to be at the top of the food chain.
 
Old 06-02-2010, 09:00 AM   #6
mlnutt
Member
 
Registered: May 2006
Posts: 34

Rep: Reputation: 15
Rewrite the "passwd" source to allow only one change per day. Of course, as root, you could always revert to the original source in order to allow more than one password change per day. So, you see, it is impossible to restrict root from changing their own password.

By the way, why would you want to do this?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Create user add file with default password and force user to change it? Morgandy Linux - Newbie 3 02-02-2010 05:06 PM
Locking out a user when password expires, but allowing them to change their password kaplan71 Linux - Security 5 06-27-2008 07:12 PM
samba(global security=user) useful tools for client.ex: user change password. hocheetiong Linux - Newbie 1 03-18-2008 09:20 AM
Help! Cannot Add a User to User Manager or Change Root Password lennysokol Linux - General 2 06-25-2005 09:59 AM
what is the command to make a user change their password after creating a new user? naweenio Linux - Newbie 7 01-05-2005 07:07 AM


All times are GMT -5. The time now is 06:25 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration