Which UNIX?

[Marc Unangst]

allbery at NCoast.ORG (Brandon S. Allbery KB8JRR/KT) writes:
> You missed a thread from about a month ago.  I *have* relaxed security; I
> installed it that way.  Unfortunately, this didn't stop it from screaming
> about security violations when I attempted to add a new shell to the sysadmsh
> list of configurable login shells.  Among other things.

Oh, you use sysadmsh.  That explains a lot.

One thing I learned is the first month of ODT is to stay as far away
from sysadmsh as possible.  I do most modifications to the password
database by editing the authentication files under /tcb/files/auth,
the /etc/passwd file, and the various files under /etc/auth.
/tcb/bin/authck is useful for checking that I didn't forget a file
somewhere along the line and that everything checks out.

sysadmsh may be good for the novice sysadmin who doesn't know a
password file from device driver.  But it's an absolute pain in the
ass when you know what you're doing, and need to get it done quickly
and efficiently.

--
Marc Unangst               | "da-DE-DA: I am sorry, the country you have
mju at mudos.ann-arbor.mi.us  | dialed is not in service.  Please check the
...!umich!leebai!mudos!mju | number and try again."  -- Telecom Kuwait