该功能的原理就是根据password的命令原理实现用户的禁止登录:
shell@iZ620vnh79jZ:~$ passwd -? passwd: invalid option -- '?' Usage: passwd [options] [LOGIN] Options: -a, --all report password status on all accounts -d, --delete delete the password for the named account -e, --expire force expire the password for the named account -h, --help display this help message and exit -k, --keep-tokens change password only if expired -i, --inactive INACTIVE set password inactive after expiration to INACTIVE -l, --lock lock the password of the named account -n, --mindays MIN_DAYS set minimum number of days before password change to MIN_DAYS -q, --quiet quiet mode -r, --repository REPOSITORY change password in REPOSITORY repository -R, --root CHROOT_DIR directory to chroot into -S, --status report password status on the named account -u, --unlock unlock the password of the named account -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS -x, --maxdays MAX_DAYS set maximum number of days before password change to MAX_DAYS
-l 参数,lock the password of the named Account ,锁定账号的密码
因此只需要执行
passwd -l root
就可以实现root的禁止登录