on Wed, Nov 05, 2003 at 10:22:39AM -0700, Monique Y. Herman (spam@bounceswoosh.org) wrote:
> So, I've noticed that my home machine has some accounts lying around
> that are certainly unused -- I set up a user so that a friend could use
> my disk space, that sort of thing.
>
> Got me thinking ... okay, you use 'userdel -r foo', and it gets rid of
> the passwd entry, home directory, and mailspool ...
>
> It's also occured to me that the user may have cron jobs installed.
> What other things might a user have that aren't automagically handled?
"Deleting" a system user is frequently *not* what you want to do.
Your best bet is to make the user inactive.
passwd -l
...prevents logins on the account.
Change the user shell to /bin/false to prevent the user from running a
shell.
Checking under /var/spool will show crontabs and at jobs. Not sure if
there's a way to disable these, or if the 'passwd -l' trick does that.
Finally, the user is likely to have files on the system -- certainly
under /home (or $HOME, if not under /home), and possibly elsewhere.
It's the residual files which are th epirmary reason *not* to blindly
delete a user's /etc/passwd entry. Given a disabled account, the user
*cannot* log into the system. However the system administrator *can*
still identify files owned by that user, and move, change ownership, or
delete these as necessary.
Peace.
--
Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
"Yes," said Marvin. "Why stop now just when I'm hating it?"
-- HHGTG
Attachment:
signature.asc
Description: Digital signature