System shell nologin script required

Hi

As part of our security audit, we found that the following system accounts had shells configured:

sync
halt
shutdown

I believe this can be achieved by the following commands:

chsh -s /sbin/nologin (user)
usermod -s /sbin/nologin (user)

However, I would like a simple script to include these 3 accounts only. Please can you advise on a simple script which can set this shell to nologin for these 3 users?

Regards
G

Welcome to the forum.

Why a script for this one-off task?

Please, try the following:

for u in sync halt shutdown; do
    usermod -s /sbin/nologin "$u"
done

Hi

Yes, it's a small one-off task, but it appears they are reluctant for having a script to do the work rather than a manual approach.

Therefore, I wanted a script to resolve the issue of having invalid shell accounts for the three accounts mentioned earlier.

Thanks,
G

You could probably use /bin/false if /sbin/nologin does not exist.
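
Added example, not part of the thread: a dry-run form of the loop above that reads a passwd-format file, skips accounts that are absent or already set, and prints the usermod commands still needed, with a helper for the /bin/false fallback. The function names, the candidate shell paths and the sample file are constructed for illustration; usermod -s rewrites the shell field in /etc/passwd itself.

```shell
#!/bin/sh
# Audit and plan the shell change for the three audited accounts.
ACCOUNTS="sync halt shutdown"

# Print the first non-login shell present on this host (candidate paths are assumptions).
pick_nologin() {
    for s in /sbin/nologin /usr/sbin/nologin /bin/false; do
        [ -x "$s" ] && { echo "$s"; return 0; }
    done
    return 1
}

# Print the login shell (7th field) of user $2 in passwd-format file $1.
# Exits non-zero when the user has no entry in the file.
current_shell() {
    awk -F: -v u="$2" '$1 == u { print $7; found = 1 } END { exit !found }' "$1"
}

# Print one usermod command per account whose shell is not already $2.
# Accounts missing from the file are reported on stderr and skipped.
plan_changes() {
    for u in $ACCOUNTS; do
        if ! sh=$(current_shell "$1" "$u"); then
            echo "skip: $u not present in $1" >&2
            continue
        fi
        [ "$sh" = "$2" ] || echo "usermod -s $2 $u"
    done
}

# Constructed sample in /etc/passwd format (not taken from a real host).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/nologin
EOF
}

# Dry run against the sample. On a real host:
#   plan_changes /etc/passwd "$(pick_nologin)"   # then run the output as root
demo() {
    tmp=$(mktemp) || return 1
    sample_passwd > "$tmp"
    plan_changes "$tmp" /sbin/nologin
    rm -f "$tmp"
}
demo
```

Running the same plan again after the change should print nothing, which gives the auditors a simple before/after check.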

[quote=gamma;303003499]
Hi

Yes, it's a small one-off task, but it appears they are reluctant for having a script to do the work rather than a manual approach.

Therefore, I wanted a script to resolve the issue of having invalid shell accounts for the three accounts mentioned earlier.

The other thing I forgot to add was do we need to define the "/etc/passwd" within your for loop or will that be captured?

Thanks,
:b: