Is it possible to completely remove the user subsystem from Linux.
I'm NOT talking about preventing people from logging in. I'm talking about removing the parts of the system that even make it possible to log in.
The outcome being a operating system that once booted cannot ever be accessed because there is no way to access it, apart from applications already running on it (i.e. web server).
The goal being that the system is unhackable through any mechanism that requires gaining user level command line access, because there is no user level command line system present.
Best Answer
This is an interesting differentiation:
I'm not entirely sure there is actually anything other than a semantic difference. If I were to remove
/bin/login
then you would not be able to log in (on the physical terminal) because I had made it impossible to log in. But I would not have removed the entire login subsystem.My suggestion would be to leave as much intact as possible because there may be unforeseen dependencies. Leave users in place, so that your web server runs as a different account than
root
. Prevent interactive and non-interactive logins by modifying the PAM subsystem. Optionally preventsudo
type access in a similar manner.Prepare a "denied" PAM definition
Create
/etc/pam.d/denied
containing the following two lines:Prevent logins from the terminal/screen
Replace
/etc/pam.d/login
with a copy of/etc/pam.d/denied
Prevent network logins with
ssh
Replace
/etc/pam.d/sshd
with a copy of/etc/pam.d/denied
Edit
/etc/ssh/sshd_config
and ensure thatUsePam yes
is set.Optionally, disable at attempt at
sudo
Replace
/etc/pam.d/sudo
with a copy of/etc/pam.d/denied
Actually, rather than denying all logins, it might be better to permit root logins from the physical terminal/screen and deny everything else. This could also be done via PAM but is outside the specific scope of the question.