finger returns "Never logged in"

cody

Registered
finally got around to installing enough stuff to make my OS X machine useable as a shell box. mainly so i can ssh in from work, but while i was at it gave a couple of accounts(non-admin of course) to friends.

after a couple days i fingered them to see if they were using their accounts. "Never logged in" but running 'last' tells a different story. any ideas?


unrelated... running X on my B&W, 3rd party SCSI(2940UW) unfortunately i can't boot X off this card(grumble grumble didn't apple ship this card in beige G3's and release an updater that enabled X booting, not that it'll run on mine just because it's not "apple brand", grumble) and recently got around to moving all users home directories off the painfully slow(and small) IDE drive to the SCSI drives. only to have all manner of odd little annoyances pop up...had to recreate my keychain, bbedit couldn't find it's prefs and had to be reinstalled, etc. just wondering if anyone else had attempted this and had similar experiences?
 

scruffy

Notorious Olive Counter
Couldn't tell you about moving files across disks and so on... Hope things work out for you though.

As for last, finger, w, who and so on - that is all one big mess.

I knew that the Terminal.app does not properly declare its ownership of a tty, so that utilities like who don't report you on a tty, and talk refuses to connect to Terminal users.

Also, ssh doesn't properly clean up after itself -if you ssh in, then close the terminal window without explicitly logging out, w or who will still show you logged in.

This thing with finger showing you as "never logged in" is news to me - variations on a theme...

Just one thing - as I'm sure you're aware, thanks to Apple's clever design of NetInfo, any account might as well be an admin account, for anyone who can be bothered to run crack on a dumped passwd file.
 

cody

Registered
yeah, sucks. for now i've just changed permissions on nidump so only root can run it and i just sudo if i need it.
 

theed

Registered
Indeed, netinfo needs to have access restricted. But after I modify the perms on the NI utilities (which I did on X Server abut 16 months ago) what makes NI less secure than the standard shadow password file on any other *nix system?

Security is hard. Saying that something is wrong is easy. Providing a solution may take a lot of effort. The solution provided by NI I have found to be pretty dmaned solid, even against untrusted users with login permission on that box. I had a security aganecy audit my box to see what they could find, and the best they could get was to shom me that telnet was running and that ftp allowed them anonymous access to the directory that I wanted it to have access to. All stuff that I explicitly wanted and allowed.
 
Top