From owner-svn-doc-head@FreeBSD.ORG Wed Jan 16 08:50:15 2013 Return-Path: Delivered-To: svn-doc-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 54D53596; Wed, 16 Jan 2013 08:50:15 +0000 (UTC) (envelope-from bcr@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id 2EDBD3D2; Wed, 16 Jan 2013 08:50:15 +0000 (UTC) Received: from svn.freebsd.org (svn.FreeBSD.org [8.8.178.70]) by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id r0G8oFWJ056221; Wed, 16 Jan 2013 08:50:15 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.5/8.14.5/Submit) id r0G8oFHf056204; Wed, 16 Jan 2013 08:50:15 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201301160850.r0G8oFHf056204@svn.freebsd.org> From: Benedict Reuschling Date: Wed, 16 Jan 2013 08:50:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r40649 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-head@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the doc tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jan 2013 08:50:15 -0000 Author: bcr Date: Wed Jan 16 08:50:14 2013 New Revision: 40649 URL: http://svnweb.freebsd.org/changeset/doc/40649 Log: Correct the example on how to prevent NIS users from logging in. The previous instructions did not work and this corrected version is based on a working config from a production system. Add some descriptive text, too. Submitted by: Glen Neff Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Jan 16 08:18:08 2013 (r40648) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Jan 16 08:50:14 2013 (r40649) @@ -1951,10 +1951,13 @@ nis_client_enable="YES" There is a way to bar specific users from logging on to a machine, even if they are present in the NIS database. To do this, all you must do is add - -username to the + -username with + the correct number of colons like other entries to the end of the /etc/master.passwd file on the client machine, where username is the username of the user you wish to bar from logging in. + The line with the blocked user must be before the + + line for allowing NIS users. This should preferably be done using vipw, since vipw will sanity check your changes to /etc/master.passwd, as well as @@ -1964,7 +1967,7 @@ nis_client_enable="YES" basie we would: basie&prompt.root; vipw -[add -bill to the end, exit] +[add -bill::::::::: to the end, exit] vipw: rebuilding the database... vipw: done @@ -1985,8 +1988,8 @@ uucp:*:66:66::0:0:UUCP pseudo-user:/var/ xten:*:67:67::0:0:X-10 daemon:/usr/local/xten:/sbin/nologin pop:*:68:6::0:0:Post Office Owner:/nonexistent:/sbin/nologin nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/sbin/nologin +-bill::::::::: +::::::::: --bill basie&prompt.root;