On Sat, Mar 21, 2015 at 4:11 PM, Bill Ricker <[email protected]> wrote: > On Sat, Mar 21, 2015 at 8:02 AM, Jerry Feldman <[email protected]> wrote: >> The root passwords on >> these systems were expired and this prevents cron from executing on a >> user with an expired password. > > Ouch. Yet another reason to avoid having 'root' have a password. > > Is it even possible to configure RH for root to a UID but not an > interactive account, like in Ubuntu ?
In what sense is root not an interactive account on Ubuntu? The shell entry for root is an interactive shell. Ubuntu simply doesn't give root a password which can be used to login and makes sure that a non-root user name can sudo to root. I believe there are other things as well, but those are the basic differences. You could do the same thing manually on any relatively modern Linux system. The really interesting thing for me here is how our modern world of PAM authentication interacts with things that I don't normally think requires authentication. When I saw Jerry's original note, I did some googling and found that this can cause problems with ssh key-only logins as well. If you look at /etc/pam.d, it seems lots of programs use PAM for authorization/authentication and I suspect that there are other surprises waiting there. Bill Bogstad _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
