topic Re: nologin in Operating System - HP-UX

nologin

Luca_11 — Mon, 09 Sep 2002 11:34:41 GMT

Hi,
i need to create a user who can log in only by su command. In other words there's must be another user, different from root, logged in.
Whith files /etc/nologin and /etc/default/security i lock access to all users different from root.

Thanks in advance
Bye
Luca

Re: nologin

harry d brown jr — Mon, 09 Sep 2002 11:59:51 GMT

Well, if you have the system "locked" down so that only root can login because you have a /etc/nologin file and you have defined NOLOGIN in /etc/default/security, then the only action is to login as root!

You could detect /etc/nologin yourself via /etc/profile and then allow only those users that have special access to login.

live free or die
harry

Re: nologin

Cheryl Griffin — Mon, 09 Sep 2002 12:03:18 GMT

Luca,
Add this to the user's .profile:
# Prevent login. Force su.
name=`logname`
if [ $name = username ]
then
echo $name No Login Allowed. Must su.
exit
fi

This prevents the user from logging in directly, and reminds them to use su to gain access to the user account.

Cheryl