nerdexam
CompTIA

LX0-103 · Question #167

You have a user whose account you want to disable but not remove. What should you do?

The correct answer is D. Edit /etc/passwd and insert an * after thefirst : .. This question tests how to lock a Linux user account in /etc/passwd without deleting the account entry.

Linux Installation and Package Management

Question

You have a user whose account you want to disable but not remove. What should you do?

Options

  • AEdit /etc/gshadow and just remove his name.
  • BEdit /etc/passwd and change all numbers to 0.
  • CEdit /etc/shadow and remove the last field.
  • DEdit /etc/passwd and insert an * after thefirst : .
  • EEdit /etc/group file and put a # sign in front of his name.

How the community answered

(44 responses)
  • A
    2% (1)
  • B
    2% (1)
  • D
    95% (42)

Why each option

This question tests how to lock a Linux user account in /etc/passwd without deleting the account entry.

AEdit /etc/gshadow and just remove his name.

The /etc/gshadow file controls group shadow passwords and memberships, not individual user login authentication, so editing it would not disable the user's interactive login.

BEdit /etc/passwd and change all numbers to 0.

Changing all numeric fields in /etc/passwd to 0 sets the user's UID and GID to 0 (root), which grants superuser privileges rather than disabling the account.

CEdit /etc/shadow and remove the last field.

The last field in /etc/shadow is the account expiry date, not the password hash - removing it does not reliably lock the account and risks corrupting the shadow file format.

DEdit /etc/passwd and insert an * after thefirst : .Correct

In /etc/passwd, the second field (between the first and second colons) holds the password hash or a placeholder. Inserting '*' in this field causes the authentication system to treat the account as locked because '*' is never a valid password hash. The account entry remains intact and can be re-enabled by removing the '*', making this a non-destructive and reversible disable method.

EEdit /etc/group file and put a # sign in front of his name.

The /etc/group file only controls group memberships and has no effect on a user's ability to authenticate and log in to the system.

Concept tested: Locking Linux user account via /etc/passwd password field

Source: https://man7.org/linux/man-pages/man5/passwd.5.html

Topics

#user account management#/etc/passwd#account disable#password field

Community Discussion

No community discussion yet for this question.

Full LX0-103 Practice