1 Reply Latest reply on Oct 26, 2017 11:06 AM by Darren Moffat-Oracle

    UX: /usr/sbin/usermod: ERROR: Cannot modify account. Marked as read-only.

    deesea

      Hello All,

       

      I'm trying to modify an account to set the gecos field per our standards on Solaris 11.3.

       

      /usr/sbin/usermod -c "account,generic,owner" account

      UX: /usr/sbin/usermod: ERROR: Cannot modify account. Marked as read-only.

      UX: /usr/sbin/usermod: ERROR: Permission denied.

       

      How/where do I change this read-only attribute ?

       

      vipw or vi'ing /etc/passwd is not an option as we support 1000s of servers ant the gecos is set by automation.

       

      Daniel

        • 1. Re: UX: /usr/sbin/usermod: ERROR: Cannot modify account. Marked as read-only.
          Darren Moffat-Oracle

          Are you attempting to modify one of the system accounts delivered as part of Solaris ? Doing so is NOT supported (beyond setting a password for the root account). Any such attempted will actually be undone on the next 'pkg upgrade' or 'pkg fix' and will cause 'pkg verify' to fail and indicate the system is broken.

           

          If this is not for a system delivered account then you need to find the entry for the account in one of the /etc/user_attr.d/ files and remove the "RO" from the third column.  Do NOT do that to a system account or one delivered via IPS package.  If it is delivered from an IPS package then change the source and republish the package instead.

           

          - Darren

          Oracle Solaris Engineering Security Architect