Re: [ot] how to create a user that can't log in?
hi ya nathan
> No, it's not the right way. The daemons need to run as the project
> user, not the individual user.
i usually wonder why scripts need to be run as a specific user
( webmaster -- seems to be a popular example ...
-- solution i use... webmaster does NOT get a login prompt for anybody
- cgi scripts that create /home/httpd/html/foo.new directories
and files are responsible for changing the dirs/permissions
- what about the script or user doing an "sudo"
- i dont remember if sudo requires a shell prompt
- i'd try sudo before i'd play with pam... just my dumb guess
- the script too can do a "su - project" ( aka su - news ) while/before
the news scripts starts running
- you could also restrict xyz logins only from certain ip# and only on
certain console/terminals
- remote users, dialups, etc annot run the same commands
remotely unless they are say physically in front of the machine
> I know how to set up groups, permissions, etc. ... been doing that for
> several years now.
-- sorry... was my first dumb answer to try to solve it
> What I'm wondering is if PAM or some other mechanism can be used to
> prevent a user from logging in via a network connection. It looks
> like people here don't know; that's fine, I'll continue researching.
hopefully... you'll post the final implementation ??
have fun linuxing
alvin
Reply to: