cancel
Showing results for 
Search instead for 
Did you mean: 
Chetan_Tiwary_
Community Manager
Community Manager
  • 561 Views

Red Hat Linux Interview Series 16

Q.) Which of the below will take precedence ?

# cat /etc/login.defs  | grep -i len
PASS_MIN_LEN    5
# cat /etc/security/pwquality.conf | grep -i len
minlen = 9

 

Q.) How to resolve this error when doing ssh

Last login: Tue Oct 8 22:09:50 2024 from 72.57.183.162  
This account is currently not available.

 

Q.) How do I change the default kernel in GRUB that is loaded at startup?

 

 

I'll be posting a series of Linux-related questions covering various skill levels. Feel free to share your insights and expertise. Your contributions will benefit learners at all stages, from those in current roles to those preparing for Linux interviews.

 

Level - L1 and above

7 Replies
Trevor
Starfighter Starfighter
Starfighter
  • 496 Views

That first question is a lovely one:  /etc/login.defs  vs  /etc/security/pwquality.conf
taking precedence.

I would say that I was resourceful (a gentlemanly way of saying "I cheated"), 
because I had a look at the exact response on the Red Hat Customer Portal.
However, I took my investigation a little bit further, and I walked through a couple
of scenarios, to confirm what that solution reported.  By doing so, I made a very
handsome discovery.

Okay, a direct quote from that solution on the Red Hat Customer Portal states:
"While changing the password, We can see that /etc/security/pwquality.conf 
takes precendence over /etc/login.defs".

Yeah, even if the minimum length is set to a lower value in the /etc/login/defs file,
the minimum length that's considered/enforced is the one in the
/etc/security/pwquality.conf!!!

Now, I'm not so sure that "precendence" is responsible for this, as much as "solitary"
is responsible.  What I'm saying here is that the setting in the /etc/security/pwquality.conf file is the only setting considered.  Why do I say this? 
Based on a little note in the /etc/logins.def file.  On line number 135 of the
/etc/logins.def file, the following comment appears:

              # Currently PASS_MIN_LEN is not supported

I didn't just look at this comment, and say, "Okay".  I had to examine it, and I did!!!  
Based on my examination, that comment is absolutely true!!!  For completeness, I 
examined this in a RHEL 9.4 installation - your mileage may vary

In conclusion, if I have to stick with "precedence", the setting in the
/etc/security/pwquality.conf file indeed takes precedence over the setting in the
/etc/logins.def - however, I must add, "by default"!!

 

Trevor "Red Hat Evangelist" Chandler
Trevor
Starfighter Starfighter
Starfighter
  • 491 Views

Question #2:  How to resolve this error when doing ssh 

Uh oh!  Looks like the system admin accidentally (or deliberately ) put the 
nologin command, in place of the bash command - in the /etc/passwd file.
With that being the case, there will be no logging into this user account!!!

As long as /sbin/nologin, is in field 7, of the /etc/passwd file, of a user account,
you will be greeted with the message "This account is currently not available"
(or some variation thereof) when attempting to login to that account!!!

So, if you wish to log into this account, simply replace /sbin/nologin with
/bin/bash, and you can put away the headache medication

                   #  usermod  -s  /bin/bash  user_account_name

 

Happy login!!!!

Trevor "Red Hat Evangelist" Chandler
Chetan_Tiwary_
Community Manager
Community Manager
  • 490 Views

@Trevor   You surely are preparing for a job change Chetan_Tiwary__1-1728505568533.jpeg

 

 

Trevor
Starfighter Starfighter
Starfighter
  • 485 Views

Preparing is right - not quite there yet    

Trevor "Red Hat Evangelist" Chandler
Trevor
Starfighter Starfighter
Starfighter
  • 486 Views

Question #3:  How do I change the default kernel in GRUB that is loaded at startup?

Sooooooooo, you want to change the default kernel in GRUB that is loaded at startup!
Well, I "think" I can help with that.

This isn't part of the solution, but I just like to verify what's currently in place before
I start tunring knobs.  So, I'll begin by executing the following command:

grubby  --default-kernel

Note:  This same command will be used to verify that a new kernel has been 
configured as the kernel to be loaded at startup!


Now, we need to identify the kernel (file) that we want to have loaded at startup.
Just like we know to go into the dairy section of the grocery store to look for milk,
we know to go into the /boot/ directory to locate the kernel files to choose from.
You won't have to spend a lot of time trying to locate them, because they'll be
bunched together, with names beginning with "vmlinuz....".

Okay, after identifying the kernel that you want to have loaded at startup, execute
the following command:

grubby  --set-default=/boot/kernel_filename

 

Restart/reboot your linux system to see that this is indeed the default kernel being
loaded at startup.  Now, go to lunch!!!

 

 

Trevor "Red Hat Evangelist" Chandler
Chetan_Tiwary_
Community Manager
Community Manager
  • 483 Views

Wonderful job explaining all the answers @Trevor !

Trevor
Starfighter Starfighter
Starfighter
  • 372 Views

Thank you Chetan, for your kind words and support, as always!!!

Trevor "Red Hat Evangelist" Chandler
Join the discussion
You must log in to join this conversation.