SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
It would just mean that nobody could execute the passwd program, I can't think of any consequences beyond that.
However, I would think a better thing to do would be to just "chmod 700 /usr/bin/passwd" then root could still execute it. If those bad "kids" have root, it wouldn't much matter what you did to it. Note that passwd normally has the suid bit set so normal users can use it (with sufficient privileges to write their changes).
P.S. They'd have to be root to create new users. The solution is to not give them root privileges. (useradd or adduser script front end is used to create users)
Last edited by TheRealGrogan; 10-19-2019 at 04:46 AM.
only problem is they boot on usb and change root passwd with chroot.
I believe that in your situation, the single reasonable solution is to use encryption for your partitions.
Using a good quality flash drive as your boot drive, with the kernel and initrd, you can save here the decryption key, then unless that particular flash drive is plugged in the box, nobody can access your system and data.
Of course, that's unless your kids are NSA-grade hackers and they already hidden in your garage a super-computer having at least 10000 Threadrippers. Case when you are doomed anyway.
Last edited by ZhaoLin1457; 10-20-2019 at 01:55 AM.
As others have pointed out here breaking the system by removing the execute permission on the password program really makes little sense. Primarily because anyone with enough permissions to "add a user" in practical terms on Slackware that means writing to /etc/passwd, /etc/group, /etc/shadow can also simply restore the permissions on the passwd binary.
This is problem with public machines in youthcenter.
I find a way (someone want know)
Install slackware with LVM in crypted disk.(no easyway to chroot)
#chmod -x passwd
#chattr +i /etc/shadow
(no seems to harm)
Thanks!
Can't you disable USB boot? BIOS needs to be configured to be able to boot form DVD or USB.
Edit: Find those guys and try to teach them something more useful. Seems they are quite capable. Who knows? When I was kid I stolen books from bookstore. Manager caught me. Instead of calling militia he ordered me to visit bookstore an help him time to time. This is how I started to read the books.
Helou!
Like I write before.Nobody can chroot cause LVM+crypted disks.
Chroot not understand logicalvolumes .
Chattr +i they can't write shadow file.
And users not change password chmod -x passwd.
Like GazL write easyest way is old way...(bios password)
I forgotten that
I hope this enough.Some day those genious find the way..
like take battery off on motherboard.
How smart they can be
We solved this!
Many thanks !
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.