Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!samsung!umich!ox.com!mudos!mju
From: mju@mudos.ann-arbor.mi.us (Marc Unangst)
Newsgroups: comp.unix.sysv386
Subject: Re: Which UNIX?
Message-ID: <gL3TP2w163w@mudos.ann-arbor.mi.us>
Date: 21 Sep 90 06:32:51 GMT
References: <1990Sep19.011303.13481@NCoast.ORG>
Organization: The Programmers' Pit Stop, Ann Arbor MI
Lines: 24

allbery@NCoast.ORG (Brandon S. Allbery KB8JRR/KT) writes:
> You missed a thread from about a month ago.  I *have* relaxed security; I
> installed it that way.  Unfortunately, this didn't stop it from screaming
> about security violations when I attempted to add a new shell to the sysadmsh
> list of configurable login shells.  Among other things.

Oh, you use sysadmsh.  That explains a lot.

One thing I learned is the first month of ODT is to stay as far away
from sysadmsh as possible.  I do most modifications to the password
database by editing the authentication files under /tcb/files/auth,
the /etc/passwd file, and the various files under /etc/auth.
/tcb/bin/authck is useful for checking that I didn't forget a file
somewhere along the line and that everything checks out.

sysadmsh may be good for the novice sysadmin who doesn't know a
password file from device driver.  But it's an absolute pain in the
ass when you know what you're doing, and need to get it done quickly
and efficiently.

--
Marc Unangst               | "da-DE-DA: I am sorry, the country you have
mju@mudos.ann-arbor.mi.us  | dialed is not in service.  Please check the
...!umich!leebai!mudos!mju | number and try again."  -- Telecom Kuwait