Summary: Acct w/no password under Solaris 2.4

From: Bill Spivey (bspivey@ROCKY.CLAREMONT.EDU)
Date: Wed Aug 21 1996 - 12:54:07 CDT

I had written Sun Managers:

>I want users to be able to login to a special account that runs a public
>application program.
>As root, I've tried:
> passwd -d <acct>
>On the next <acct> login, Solaris doesn't ask for a password, but demands a
>NEW one.

Thanks to Stephen Harris, Asim Zuberi, Rick Kelly, Pete Teklinski,
Musante, Bob Rahe, Ed Dawes, Mustafa Ilker Sozat, and Dieter Gobbers
for their help.

The solution is two-fold:

    1. Change PASSREQ=YES to PASSREQ=NO in etc/default/login
       Solaris will not demand that any account have a password.
       There are obvious security issues here, but our system has
       only a few personal accounts; the vast majority of our users
       will access our server's main application through the "open"

    2. ROOT> passwd -d <acct>
       removes any existing password for the account in /etc/shadow

There was another suggestion that instead of PASSREQ=NO, set
the account's entry in /etc/shadow to


I tried this and it did work, but I haven't been able to determine if
the no password condition will eventually expire.

Again, thanks to all who replied.

---------- Bill Spivey, Programmer Analyst, (909) 621-8196
\ / *Libraries of the Claremont Colleges
 \ / *800 N. Dartmouth Ave. Claremont CA 91711
  \ /
   \ / *
    \/ *

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:08 CDT