On Tue, 13 Apr 2010, Erik Anderson wrote: > On Tue, Apr 13, 2010 at 8:36 AM, Robert Nesius <nesius at gmail.com> wrote: > >> Why not just set their shell to a stub-shell that only allows them to >> run the passwd command, or allows them to log out? > > I was just going to recommend this as well. > > Look into Restricted shell (rsh). I've used it in the past for this > sort of thing, and it worked well. You could have it run the passwd program immediately after the user logs in. Then it exits. That's all it does. I don't know how you'd make a web interface do this. Mike