IBM 10 SP1 EAL4 Server User Manual


 
6. Processes command-line arguments.
7. Ensures that the user account being modified exists.
8. Invokes open_files() to lock and open authentication database files.
9. Invokes usr_update() to update authentication database files with updated account information.
10. Generates audit record to log actions of the usermod command. The logged actions include locking
and unlocking of user account, changing of user password, user name, user ID, default user group,
user shell, user home directory, user comment, inactive days, expiration days, mail file owner, and
moving of user’s home directory.
11. If updating group information, invokes grp_update() to update group information.
12. Invokes close_files() to close authentication database files.
13. Invokes pam_chauthok() to rejuvenate the user’s authentication tokens.
14. Exits.
5.13.2.3 userdel
The userdel program allows an administrator to delete an existing user account. Refer to the userdel
man page for more information. userdel generally follows these steps:
1. Sets language.
2. Invokes getpwuid (getuid()) to obtain the application user’s passwd structure.
3. Invokes pam_start() to initialize PAM library and to identify the application with a particular
service name.
4. Invokes pam_authenticate() to authenticate the application user. Generates audit record to log
the authentication attempt and its outcome.
5. Invokes pam_acct_mgmt() to perform module-specific account management.
6. Processes command-line arguments.
7. Ensures that the user being deleted does exist, and is currently not logged on.
8. Invokes open_files() to lock and open authentication database files.
9. Invokes usr_update() to update authentication database files with updated account information.
10. Invokes grp_update() to update group information.
11. Generates audit record to log deletion of a user and the deletion of user’s mail file.
12. Invokes close_files() to close authentication database files.
13. If called with the -r flag, removes the user’s mailbox by invoking remove_mailbox() and
removes the user’s home directory tree by invoking remove_tree().
14. Cancels any cron or at jobs that the user created.
15. Invokes pam_chauthok() to rejuvenate the user’s authentication tokens.
16. Exits.
199