Search the FAQ Archives

3 - A - B - C - D - E - F - G - H - I - J - K - L - M
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
faqs.org - Internet FAQ Archives

comp.sys.hp.hpux FAQ
Section - 5.1.3 How can I restrict regular users from logging in at the console?

( Single Page )
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Business Photos and Profiles ]


Top Document: comp.sys.hp.hpux FAQ
Previous Document: 5.1.2 Why are mail files in /var/mail owned by 'daemon' instead of the recipient?
Next Document: 5.1.4 How can I disable non-root logins?
See reader questions & answers on this topic! - Help others by sharing your knowledge
Added: 04/02/01

For a terminal console
======================
If the /etc/securetty file is present, login security is in effect.
User root is only allowed to log in successfully on the ttys listed in
this file.  Restricted ttys are listed by device name, one per line.
Valid tty names are dependent on the installation.  So to restrict root
logins to only the console:

  # echo console >/etc/securetty

The use of /etc/securetty is documented in login(1).

For a CDE console
=================
Create a file named 'nologin' in /etc/:

  # >/etc/nologin

Then add something like this to your /etc/dt/config/Xstartup file:

   if pwget -n "$USER" | awk -F: '{exit !($3 == 0)}'; then
      if [ -f /etc/nologin ] || \
         grep '^console$' /etc/securetty >/dev/null 2>&1; then
         echo "[$(date)] non-root login attempt from CDE console -" \
              "access denied" >>/var/adm/console_login_attempts_log
         exit 1
      fi
   fi

See dtlogin(1) for a detailed description of the Xstartup file.

User Contributions:

Comment about this article, ask questions, or add new information about this topic:

CAPTCHA




Top Document: comp.sys.hp.hpux FAQ
Previous Document: 5.1.2 Why are mail files in /var/mail owned by 'daemon' instead of the recipient?
Next Document: 5.1.4 How can I disable non-root logins?

Single Page

[ Usenet FAQs | Web FAQs | Documents | RFC Index ]

Send corrections/additions to the FAQ Maintainer:
hpux.faq@gmail.com





Last Update March 27 2014 @ 02:11 PM