nerdexam
CompTIA

LX0-103 · Question #166

Of the ways listed, which is the best way to temporarily suspend a user's ability to interactively login?

The correct answer is C. Changing the user's shell to /bin/false.. This question tests the best reversible method to temporarily prevent a Linux user from logging in interactively.

Linux Installation and Package Management

Question

Of the ways listed, which is the best way to temporarily suspend a user's ability to interactively login?

Options

  • AChanging the user's UID.
  • BChanging the user's password.
  • CChanging the user's shell to /bin/false.
  • DRemoving the user's entry in /etc/passwd.

How the community answered

(54 responses)
  • A
    4% (2)
  • B
    2% (1)
  • C
    87% (47)
  • D
    7% (4)

Why each option

This question tests the best reversible method to temporarily prevent a Linux user from logging in interactively.

AChanging the user's UID.

Changing the UID breaks file ownership across the filesystem because all files owned by the original UID become orphaned, making it destructive and inappropriate for a temporary suspension.

BChanging the user's password.

Changing the password is not ideal for a temporary suspension because the original password is lost and must be manually reset again when access needs to be restored.

CChanging the user's shell to /bin/false.Correct

Changing a user's login shell to /bin/false or /sbin/nologin immediately prevents interactive login because the shell exits with a non-zero status upon launch, denying the session. This is easily reversible by restoring the original shell entry in /etc/passwd without altering passwords, UIDs, or any other account data.

DRemoving the user's entry in /etc/passwd.

Removing the user's /etc/passwd entry permanently deletes the account definition from the system, which is a destructive action not suitable for a temporary suspension.

Concept tested: Linux user login suspension via shell replacement

Source: https://man7.org/linux/man-pages/man8/usermod.8.html

Topics

#user account management#login shell#/bin/false#account lockout

Community Discussion

No community discussion yet for this question.

Full LX0-103 Practice