Disable All User Login Access
- Jan
- 05
- Posted by TKH Specialist
- Posted in System Administration
There are occasions when you want to make sure users can not log into a system. This can be due to a maintenance period or I have used it as part of the process for retiring a system. It is simple enough but I thought it worth documenting for prosperity.
# cd /{root of user home directory} # ls -al | awk '{print $3}' | grep -v -e '^$' | grep -v {account exceptions} |while read a;do usermod -s /sbin/nologin $a;done;
To break down possibly the non-obvious part down:
grep -v -e '^$'
This removes any blank lines from the output. The rest should be self-explanatory, if it isn’t ask in the comments section.
Don’t forget to add your account to the exception list, and it is always a good idea to test the output first. To reverse the process change /sbin/nologin to /bin/bash.
Recent Comments
- Stefan on Flush This!
- Timestamping your Bash History | Matt's Entropy on Remember when you issued that command…?
- Matt Smith on Remember when you issued that command…?
- Ruan on Putting ‘lsof’ to use
- Dylan F. Marquis on External Mapping of LDAP attributes in CAS