lenny@icus.islp.ny.us (Lenny Tropiano) (02/27/89)
In article <563@kosman.UUCP> kevin@kosman.UUCP (Kevin O'Gorman) writes: |>I was just fiddling around with the login password stuff that was posted |>a while ago. It worked as advertised, at least as far as what it did |>to /etc/dialups and /etc/d_passwd. However, the underlying behaviour of |>/etc/login seems at odds with what I thought it was supposed to be. |> |>I thought that ONLY the shells named in /etc/d_passwd would get prompted |>for a password. This is not the case on my machine: anyone logging in |>on a line listed in /etc/dialups seems to have to go through this. |> ... Well actually for some reason, I thought that was the way. I've noticed it's not, at least not on the UNIX pc. I haven't had a chance to try it on the 3B2 or 6386WGS in the office, but I seem to remember if the shell was not listed in the /etc/d_passwd, it wouldn't ask for "Dialup Password:". Since I was the one who posted the dpasswd program, I did some investigating of my own. I don't use dialup passwords here locally, it's something I really don't need the extra security. Only "trusted" users really get access to my UNIX PC, and only a *select few* have shell access in my non-restrictive filesystem. I do have a "restrictive filesystem setup" for those who _needed_ access. Basically a "chroot(1M)'d filesystem"... It seems to get Dialup Passwords to work correctly, at least on the UNIX PC, you need to specify *ALL* shells that you have in /etc/passwd, in /etc/d_passwd, but you don't need to have a password on the line. This can be done by editting /etc/d_passwd, and placing a line like: /usr/lib/uucp/uucico:: This will allow all uucico transactions to login without a dialup password, or you can use dpasswd [posted back a month or two by me] like: # dpasswd -v -p /usr/lib/uucp/uucico New Dialup Password: <CR> Retype Dialup Password: <CR> dpasswd: Dialup program restriction added for /usr/lib/uucp/uucico. # cat /etc/d_passwd /usr/lib/uucp/uucico:: |>This is not good. All my uucp hookups use a shell called |>/usr/lib/uucp/uucicoTZ (not a script, but a short compiled front end). |>These were getting the Dialup Password: prompt. Not what I had in mind. |> ... In this case the shell would be /usr/lib/uucp/uucicoTZ. Sorry for any confusion ... Hope this helps ... -Lenny -- Lenny Tropiano ICUS Software Systems [w] +1 (516) 582-5525 lenny@icus.islp.ny.us Telex; 154232428 ICUS [h] +1 (516) 968-8576 {talcott,decuac,boulder,hombre,pacbell,sbcs}!icus!lenny attmail!icus!lenny ICUS Software Systems -- PO Box 1; Islip Terrace, NY 11752