topic Re: Restricted login in Operating System - HP-UX

Restricted login

Marcelo De Florio — Wed, 23 Aug 2000 17:08:26 GMT

How can I restrict the login for users to one device (eg: console) ?

MDF

Re: Restricted login

Antoanetta Naghiu — Wed, 23 Aug 2000 17:11:26 GMT

Edit /etc/securetty.
"Only root can successfully login on the ttys listed in this file" - qoutes from man login.
So, have /etc/securetty as
console

Re: Restricted login

James R. Ferguson — Wed, 23 Aug 2000 17:23:57 GMT

Hi:

Assuming that the user(s) in question always looged on from a static name device (most notably 'console') then you could always exit in their .profile.

...JRF...

Re: Restricted login

Bill Hassell — Wed, 23 Aug 2000 18:12:00 GMT

Since there are many ways to login (telnet, terminal, console, modem, rlogin), there may be several answers. The easiest for 'normal' UNIX logins (terminals, modems, telnet) is to edit /etc/profile. (.profile can be edited or removed by users) In /etc/profile, you would write a test to look for the user's login name in a file and compare that user with the allowed terminal. You can read the user's login in /etc/profile with the whoami command and the terminal name with the tty command.

Re: Restricted login

Antoanetta Naghiu — Wed, 23 Aug 2000 19:01:32 GMT

.profile is under user ownership. Can be modified by the owner anytime.

Re: Restricted login

Antoanetta Naghiu — Wed, 23 Aug 2000 19:08:07 GMT

And, sorry for the /etc/securetty, I did not read care fully the question.
If your concern is about a group of users, and the environment permited, you can play with different run levels. (define diferent entry in inittab file).

Re: Restricted login

Duane Gorder — Wed, 23 Aug 2000 19:16:04 GMT

The user does not have to own his .profile. Even if it is owned by root and it does not have write permissions for the user, it will work as long as it has read and execute permissions either for a group that the user belongs to or for the world.