Removing A User - Page 2

6 Remove The User's Cron Jobs

The next step is to check whether the user has cron jobs, and to delete or disable them if he does. We can use the crontab command to find out if he has cron jobs:

# crontab -u bwilson -l

If you see that bwilson has cron jobs, you can disable them by running

# crontab -u bwilson -e

In the crontab editor that pops up you can simply disable all cron jobs by commenting them out (i.e., by prepending with a #). For instance, you can disable

50 23 * * * /usr/bin/someprocess

like this:

#50 23 * * * /usr/bin/someprocess

Instead of disabling the cron jobs of bwilson, you can as well delete them by running

# crontab -u bwilson -r


7 Sealing The Home Directory

You will often find that management wants to retain the information in the directory of an employee who leaves. All the email and other documents in a personal user's account belong to the company. In the event a disgruntled former employee becomes litigious, the company's legal counsel may want these files. Many analysts consider the keeping such directories as good practice.You can save the contents of a user's home directory by renaming it. Simply execute a move command:

 # mv /home/bwilson /home/bwilson.locked  

In this way, the former employee cannot log in or make any use of configuration files such as the .forward file discussed in the previous section. The contents remain intact if needed later.


8 Remove The User From sudoers

If you have sudo installed, you should also remove the user from /etc/sudoers or at least disable him there. You can do this with the visudo command:

# visudo 


9 Check All Other Applications For Logins Of That User

You might also want to check all your other applications (e.g. MySQL) that don't use system user logins but where the user to be removed might have logins under another username. You should check your web site, PHP scripts, etc. for user logins and disable the login for the user to be removed. I will give three other examples here:


9.1 Web Directories Protected By .htaccess/.htpasswd

You might have some directories on your web site that are password-protected by .htaccess/.htpasswd (for example, the web site statistics folder), and until now the user to be removed (I'll name him bwilson here again, although the username might be completely different from the username we used so far because it is no system user this time) had access to these directories. You can remove bwilson's login with the htpasswd command.

Let's assume the .htpasswd file is /var/www/.htpasswd. Then you can remove bwilson's login like this:

# htpasswd -D /var/www/.htpasswd bwilson 


9.2 MySQL

If bwilson has a login for the company's MySQL database, you can remove the login like this:

# mysql -u root -p
REVOKE ALL PRIVILEGES, GRANT OPTION FROM bwilson;
quit;


9.3 Postfix

If Postfix uses sasldb2 instead of the passwords in /etc/shadow, you must delete the user bwilson from /etc/sasldb2 - otherwise he will be able to send emails. You can do that with the saslpasswd2 command:

# saslpasswd2 -d bwilson

If you're using SASL version 1 instead of version 2, then you must use the saslpasswd command:

# saslpasswd -d bwilson 

The passwords are then stored in /etc/sasldb instead of /etc/sasldb2.

Share this page:

10 Comment(s)