topic Re: Restricted user access ! in Operating System - HP-UX

Restricted user access !

titu — Fri, 12 Dec 2008 01:49:05 GMT

if user to login on their own account such as user x.
After logging in to user x account, the user can then su to another account user y .
But I do not want users to be able to log in directly to account user y .

Thanks in advance

titu

Re: Restricted user access !

Dennis Handly — Fri, 12 Dec 2008 02:00:13 GMT

I'm not clear, you don't want them to login to user y but you want them to be able to use su(1)?

Re: Restricted user access !

Analyst — Fri, 12 Dec 2008 02:05:06 GMT

Hi Titu,

1.Check for the users permissions.
2.Any how SU- switch user if you login from lowest shell ,it asks for the password .

Thanks,
Analyst.

Re: Restricted user access !

Mark McDonald_2 — Fri, 12 Dec 2008 05:01:26 GMT

You could change the password of user y so only you know it, then give user x sudo access to change user y.

Re: Restricted user access !

titu — Fri, 12 Dec 2008 06:13:08 GMT

Let me give an example :
Example:
user x logs in to account user x, then su - database

however, if user_1 attempts to log in directly to account database it will not be allowed.

Can we check with ACL in this case ?

thanks in advance

titu

Re: Restricted user access !

Ivan Krastev — Fri, 12 Dec 2008 07:54:15 GMT

You can use /etc/profile to restrict direct logging. See more here - http://forums.itrc.hp.com/service/forums/questionanswer.do?threadId=1029641

regards,
ivan

Re: Restricted user access !

Mark McDonald_2 — Fri, 12 Dec 2008 12:41:48 GMT

>>>You could change the password of user y so only you know it, then give user x sudo access to change user y.

Just thought - once he has switched to user y he will be able to change the password.