- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Restricting user logins
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-02-2009 01:52 AM
тАО11-02-2009 01:52 AM
We've just had our annual visit from our (adjectives deleted) auditors and they want to restrict the ability of the oracle user to login directly, but our DBA's must be able to su to that account if needed, so a shell account is required. Any ideas on how to do this?
Regards
Andrew Young
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-02-2009 02:27 AM
тАО11-02-2009 02:27 AM
Re: Restricting user logins
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-02-2009 04:51 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-02-2009 04:52 AM
тАО11-02-2009 04:52 AM
Re: Restricting user logins
TTY=`tty | awk -F/ '{printf ($3"/"$4)}'`
USER_TTY=`w | awk '(\$2=="'$TTY'"){print \$1}'`
if [ -n "$USER_TTY" ] && [ $(whoami) = "oracle" ] && [ $(grep -q $USER_TTY /etc/su_allow_oracle.txt; echo $?) != 0 ]
then
echo
echo "************************************************************"
echo "This account ($USER_TTY) is not permitted to su into oracle."
echo "************************************************************"
echo
sleep 5
exit
fi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-02-2009 04:56 AM
тАО11-02-2009 04:56 AM
Re: Restricting user logins
Burak I was thinking of going with your suggestion but was wondering if there is anything in PAM that would do something similar.
Thanks for the other suggestions as well.
AY
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-02-2009 05:40 AM
тАО11-02-2009 05:40 AM
Re: Restricting user logins
i did not know the way about PAM which can overcome this issue and could not find any useful document about how to configure PAM.
You may look at the following link, there are some other ways discussed like changing oracle password..
http://forums13.itrc.hp.com/service/forums/questionanswer.do?admit=109447627+1257167203491+28353475&threadId=1121876