LFS201 course typos: user management
In 30.7.b, Locked accounts II:
usermod -L locks only the use of the password, not the account. You can still login through SSH keys, for example. I think this part is misleading as it creates a false sense of security.
In 30.13, Restricted shell: the last sentence is really strange (and wrong, I guess):
If the user don't have execute permissions on
/home, he cannot access its
$HOME directory at all. Did you mean that he must not have write permissions on
$HOME/.bash_profile? Or maybe use the immutable attribute for this file?
In 30.14, Restricted accounts: you suggest to create a copy of
rbash and then use
/bin/bash as the shell. Is it not