Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!thunder.mcrcim.mcgill.edu!snorkelwacker.mit.edu!paperboy!think.com!spool2.mu.edu!sdd.hp.com!elroy.jpl.nasa.gov!freedom!cornutt
From: cornutt@freedom.msfc.nasa.gov (David Cornutt)
Newsgroups: comp.unix.admin
Subject: Re: Forcing actions at login
Message-ID: <1991Jan22.185016.15252@freedom.msfc.nasa.gov>
Date: 22 Jan 91 18:50:16 GMT
References: <6153@ecs.soton.ac.uk> <446@minya.UUCP> <1991Jan10.191546.268@am.sublink.org> <449@minya.UUCP> <1991Jan16.000012.26467@lokkur.dexter.mi.us> <1991Jan22.023543.934@melb.bull.oz.au>
Organization: MSFC
Lines: 42

Here's an off-the-top-of-my-head suggestion; I haven't actually
tried this.  Create a directory (call it /usr/everyone) which is
designated as the home directory in the passwd entries.  Make it
owned by root (or other privileged uid) and writable to no one
except the owner.  Put a .login and a .cshrc in there containing
the things that you want everyone to have.  Then, have the .login,
as the last thing that it does, source a script which looks up
the user's *real* home directory in a list somewhere, cd's to it and
sets the HOME variable to it, and then sources the user's .login
and .cshrc (if you want).  This way, the users can still have their 
personalized logins if you want to let them do that, and you don't
have to cut off their write access to their own home directories.

Possible problems with this approach:

(1) Having never actually tried this, I don't know if changing HOME
is sufficient to alter csh's notion of what the home directory is,
or what the possible side effects might be.

(2) Subshells will still execute the user's .cshrc instead of the
one in /usr/everyone.

(3) Extra force would be required to be able to admin this over YP
(create a new map for the home directory list, write a script to extract
entries from it, etc.), or to integrate it into an automated account
maintenance tool.

Possible benefits:

(1) Users can exercise control over their home directories.

(2) You only have to maintain one copy of the mandatory .login
and .cshrc, in /usr/everyone.

(3) Other wierdities that you get when users can't create files in
their home directories go away (.lastlogin works, for instance).

-- 
David Cornutt, New Technology Inc., Huntsville, AL  (205) 461-6457
(cornutt@freedom.msfc.nasa.gov; some insane route applies)
"The opinions expressed herein are not necessarily those of my employer,
not necessarily mine, and probably not necessary."