UNIX System Administration Handbook - Evi Nemeth [62]
• Set the user’s disk quota to zero, if quotas are in use.
• Remove the user from any local user databases or phone lists.
• Remove the user from the aliases file or add a forwarding address.
• Remove the user’s crontab file and any pending at jobs.
• Kill any of the user’s processes that are still running.
• Remove any temporary files owned by the user in /var/tmp or /tmp.
• Remove the user from the passwd and group files.
• Remove the user’s home directory.
• Remove the user’s mail spool.
Before you remove a user’s home directory, be sure to relocate any files that are needed by other users. Since you often can’t be sure which files those might be, it’s always a good idea to make an extra tape backup of the user’s home directory and mail spool before deleting them.
Once you have removed a user, you should verify that the user’s old UID owns no more files on the system. A fast way to perform this check is to use the quot command. For example, to see which users are taking up space on /home, we could run the following command:
# quot /home
/dev/rdsk/c0t3d0s6:
156254 millert
34520 hilbert
5572 #1161
683 #1069
See page 490 for more information about quotas and NFS.
In addition to telling us the number of disk blocks consumed by each user, quot tells us that two UIDs that are not listed in /etc/passwd own files. To find the exact paths to these orphaned files, we’d have to use
# find -x /home -nouser -print
This command takes considerably longer to run than quot.
Despite its name, quot does not require that disk quotas be active. However, because it accesses raw disk partitions, it only works on local disks. It cannot be used to analyze filesystems mounted over NFS.
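The ownership check described above, worked through as an added example (it is not code from the book): a small script that reads quot's output, cross-references the "#UID" owners against a passwd file, and reports the UIDs that no longer have an account. The sample passwd file and quot output are constructed here to mirror the listing in the text; the find wrapper uses -xdev, the POSIX spelling of the -x shown above.

```shell
#!/bin/sh
# Added example, not from the book: the post-removal ownership check done
# from quot output and a passwd file, plus the slower find equivalent.

# orphan_uids PASSWD_FILE QUOT_OUTPUT
# quot prints an owner as "#UID" when it cannot map the UID to a name.
# This prints each such UID that also has no entry (third field) in
# PASSWD_FILE, i.e. files left behind by a deleted account.
orphan_uids() {
    awk -F: '
        FILENAME == ARGV[1] { known[$3] = 1; next }   # passwd: uid is field 3
        {
            # quot lines look like "   5572 #1161"; split on blanks
            n = split($0, f, " ")
            if (n == 2 && f[2] ~ /^#[0-9]+$/) {
                uid = substr(f[2], 2)
                if (!(uid in known)) print uid
            }
        }' "$1" "$2"
}

# find_nouser DIR
# The exact paths, as the book's "find -x /home -nouser" does; -xdev is the
# POSIX spelling of -x. This consults the live /etc/passwd, so it is not
# run against the constructed sample below.
find_nouser() {
    find "$1" -xdev -nouser -print
}

# make_sample DIR: writes a constructed passwd file and quot output
# (mirroring the book's listing) into DIR.
make_sample() {
    printf '%s\n' \
        'root:x:0:0:root:/:/bin/sh' \
        'millert:x:1001:100::/home/millert:/bin/sh' \
        'hilbert:x:1002:100::/home/hilbert:/bin/sh' > "$1/passwd"
    printf '%s\n' \
        '/dev/rdsk/c0t3d0s6:' \
        ' 156254 millert' \
        '  34520 hilbert' \
        '   5572 #1161' \
        '    683 #1069' > "$1/quot.out"
}

sample=$(mktemp -d)
make_sample "$sample"
echo "Orphaned UIDs on /home (sample data):"
orphan_uids "$sample/passwd" "$sample/quot.out"   # prints 1161 and 1069
rm -rf "$sample"
```

On a live system you would run `quot /home > /tmp/quot.out` and pass the real /etc/passwd; any UID the script prints is worth following up with find_nouser to locate the files before they are reassigned or removed.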
6.8 DISABLING LOGINS
On occasion, a user’s login must be temporarily disabled. Before networking invaded the UNIX world, we would just put a star in front of the encrypted password, making it impossible for the user to log in. However, users could still log in across the network without entering a password, so this technique no longer works very well.
These days, we replace the user’s shell with a program that prints a message explaining why the login has been disabled and provides instructions for rectifying the situation. This pseudo-shell should not be listed in /etc/shells; many daemons that provide nonlogin access to the system (e.g., ftpd) check to see if a user’s login shell is listed in /etc/shells and will deny access if it is not (which is the behavior you want).
There is one problem with this method of disabling logins, however. By default, sendmail will not deliver mail to a user whose shell does not appear in /etc/shells. It’s generally a bad idea to interfere with the flow of mail, even if the recipient is not able to read it immediately. You can defeat sendmail’s default behavior by adding a fake shell named /SENDMAIL/ANY/SHELL/ to the /etc/shells file.
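The disabling technique and its two /etc/shells conditions, as an added example (not code from the book): a message-printing pseudo-shell, a check that it is absent from /etc/shells while /SENDMAIL/ANY/SHELL/ is present, and the usermod invocation that swaps a user's shell. The install path /usr/local/sbin/disabled-shell, the contact address, and the sample shells file are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the book: a pseudo-shell for disabled accounts and
# a check that /etc/shells is set up the way the text describes.
# Paths and the contact address are assumptions for the example.

PSEUDO_SHELL=/usr/local/sbin/disabled-shell      # assumed install path
SENDMAIL_FAKE_SHELL=/SENDMAIL/ANY/SHELL/          # the name sendmail looks for

# disabled_shell_message: what the pseudo-shell prints when the user logs in.
# Installed as $PSEUDO_SHELL, the whole program is "disabled_shell_message; exit 1".
disabled_shell_message() {
    cat <<'EOF'
This account has been disabled by the system administrator.
To have it reinstated, contact root@example.com (assumed address).
EOF
}

# shell_listed SHELLS_FILE SHELL
# Succeeds when SHELL appears as a whole line in SHELLS_FILE, which is the
# test daemons such as ftpd apply before granting nonlogin access.
shell_listed() {
    grep -qxF -- "$2" "$1"
}

# check_shells_file SHELLS_FILE
# Reports each of the two conditions the text requires and returns
# non-zero if either fails:
#   1. the pseudo-shell must NOT be listed (so ftpd and friends refuse the user);
#   2. /SENDMAIL/ANY/SHELL/ must be listed (so sendmail keeps delivering).
check_shells_file() {
    rc=0
    if shell_listed "$1" "$PSEUDO_SHELL"; then
        echo "$PSEUDO_SHELL is listed in $1; disabled users would keep ftp access"
        rc=1
    fi
    if ! shell_listed "$1" "$SENDMAIL_FAKE_SHELL"; then
        echo "$SENDMAIL_FAKE_SHELL missing from $1; mail to disabled users would not be delivered"
        rc=1
    fi
    return $rc
}

# disable_login_cmd USER: the command that swaps the user's shell, printed
# rather than executed so the example can be run anywhere. usermod -s is
# the vendor utility described in section 6.9.
disable_login_cmd() {
    printf 'usermod -s %s %s\n' "$PSEUDO_SHELL" "$1"
}

# Constructed /etc/shells for the demonstration
shells=$(mktemp)
printf '%s\n' /bin/sh /bin/csh /usr/bin/ksh "$SENDMAIL_FAKE_SHELL" > "$shells"
check_shells_file "$shells" && echo "shells file OK"
disable_login_cmd hilbert   # prints: usermod -s /usr/local/sbin/disabled-shell hilbert
rm -f "$shells"
```

Run check_shells_file against the real /etc/shells after editing it; the pseudo-shell must stay out of that file for the nonlogin daemons to refuse the user, and the fake sendmail entry must be in it for mail to keep flowing.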
6.9 VENDOR-SUPPLIED ACCOUNT MANAGEMENT UTILITIES
Solaris, HP-UX, and Red Hat Linux provide a similar set of utilities that help to automate the creation, deletion, and modification of users and groups. FreeBSD has a separate set of utilities, which we describe briefly on the next page.
The useradd command adds users to the passwd file (and to the shadow file, if applicable). It provides a command-line-driven interface that is easy to run by hand or to call from a home-grown adduser script. The usermod command changes the passwd entries of existing users. The userdel command removes a user from the system, optionally deleting the user’s home directory. groupadd, groupmod, and groupdel commands also operate on the /etc/group file.
Although these commands are convenient, they are rarely sufficient to implement all of a site’s local policies. We recommend that you write your own