Restrict chfn usage - Mandriva

This is a discussion on Restrict chfn usage - Mandriva ; -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In Debian one can restrict the usage of chfn by adding CHFN_RESTRICT in /etc/login.defs This have no effect in Mandriva. Does mandriva have a similar function? I want to disable the users ability to ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Restrict chfn usage

  1. Restrict chfn usage

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    In Debian one can restrict the usage of chfn
    by adding CHFN_RESTRICT in /etc/login.defs
    This have no effect in Mandriva.

    Does mandriva have a similar function?

    I want to disable the users ability to change their Name.

    - --
    Solbu - http://www.solbu.net
    Remove 'ugyldig.' for email
    PGP key ID: 0xFA687324
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.2 (GNU/Linux)

    iD8DBQFHRNsmT1rWTfpocyQRAhxEAJ4rd5CKzwBnZ+8b4/cx0y7woVq3PwCeN6XR
    4NULGOOEZXf8y749pZ4MoK0=
    =QewW
    -----END PGP SIGNATURE-----

  2. Re: Restrict chfn usage

    Solbu wrote:
    > -----BEGIN PGP SIGNED MESSAGE-----
    > Hash: SHA1
    >
    > In Debian one can restrict the usage of chfn
    > by adding CHFN_RESTRICT in /etc/login.defs
    > This have no effect in Mandriva.
    >
    > Does mandriva have a similar function?
    >
    > I want to disable the users ability to change their Name.


    Change the permissions on /usr/bin/chfn and /usr/bin/lchfn
    to 750, making them executable and readable only by root.

    Cheers!

    jim b.

    --
    UNIX is not user-unfriendly; it merely
    expects users to be computer-friendly.

  3. Re: Restrict chfn usage

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Jim Beard sent the following transmission through subspace:

    > Change the permissions on /usr/bin/chfn and /usr/bin/lchfn
    > to 750, making them executable and readable only by root.


    That is not what I asked.
    I asked about restricting the ability to change the Name,
    not the whole utility.

    In Debian, the default restriction disables the "Full name" change
    but allow the users to change "room number", "work phone" and "home phone"

    - --
    Solbu - http://www.solbu.net
    Remove 'ugyldig.' for email
    PGP key ID: 0xFA687324
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.2 (GNU/Linux)

    iD8DBQFHRQ5iT1rWTfpocyQRAiikAKDX5sMwZE5P20kAbXH4gS AxQXAwNQCfRZOg
    NVScEbPQ4gs8+JCeeLiQhLM=
    =ClHr
    -----END PGP SIGNATURE-----

  4. Re: Restrict chfn usage

    Solbu wrote:
    > -----BEGIN PGP SIGNED MESSAGE-----
    > Hash: SHA1
    >
    > Jim Beard sent the following transmission through subspace:
    >
    >> Change the permissions on /usr/bin/chfn and /usr/bin/lchfn
    >> to 750, making them executable and readable only by root.

    >
    > That is not what I asked.
    > I asked about restricting the ability to change the Name,
    > not the whole utility.
    >
    > In Debian, the default restriction disables the "Full name" change
    > but allow the users to change "room number", "work phone" and "home phone"


    Sorry, I am not familiar with the Debian version,
    and I know of nothing that does exactly that in
    Mandriva.

    If you have users who cannot be trusted to use their
    own names (particularly as chfn cannot change the
    login name which is a unique reliable identifier),
    I fail to see how one could trust them with the other
    identifiers. Further, the problem would seem to me
    one that restrictions on computer use cannot address,
    so pretty much any fine-tuned constraints would be
    pointless.

    Cheers!

    jim b.

    --
    UNIX is not user-unfriendly; it merely
    expects users to be computer-friendly.

+ Reply to Thread