This has bothered me for a while... and it would be nice to
see this as being a configurable option. I don't want my
regular users to be able to change their name. They can
contact root if they have a valid reason. But they should
be able to change the rest of the info.
Either way this is just a little documentation complaint.
The file /etc/login.defs contains this option:
# Require password before chfn/chsh can make any changes.
# Don't allow users to change their "real name" using chfn.
But they do not work. Namely the problem is that
/etc/login.defs comes from shadow-utils, whereas chfn comes
from util-linux. So for now I guess removing these three
lines would be OK. (The first should be on, all the time
[root@zarg /etc]# rpm -qf /etc/login.defs
[root@zarg /etc]# rpm -qf /usr/bin/chfn
We are not using the login.defs file to control the behavior of the
chfn and chsh utilities
Ok, then can the references to chfn/chsh be removed from
shadow-970616.login.defs (/etc/login.defs). If it is not used it just
creates confusion if it is in the file.
fixed in shadow-utils-980403-8 and later.