Welcome to the Linux Foundation Forum!

LFS201 course typos: user management

In 30.7.b, Locked accounts II: usermod -L locks only the use of the password, not the account. You can still login through SSH keys, for example. I think this part is misleading as it creates a false sense of security.

In 30.13, Restricted shell: the last sentence is really strange (and wrong, I guess):

If the user don't have execute permissions on /home, he cannot access its $HOME directory at all. Did you mean that he must not have write permissions on $HOME nor $HOME/.bash_profile? Or maybe use the immutable attribute for this file?

In 30.14, Restricted accounts: you suggest to create a copy of bash named rbash and then use /bin/bash as the shell. Is it not /bin/rbash instead?

Categories

Upcoming Training