HPE Community
Operating System - HP-UX
1832857 Members
3277 Online
110047 Solutions
New Discussion

Block all users access to the system

 
uadm26
Super Advisor

‎06-02-2005 10:25 PM

‎06-02-2005 10:25 PM

Block all users access to the system

Hi,

I need to block all users access to change users id's to them. Any sugestions?
0 Kudos
Reply
11 REPLIES 11
Pete Randall
Outstanding Contributor

‎06-02-2005 10:32 PM

‎06-02-2005 10:32 PM

Re: Block all users access to the system

How about single user mode?


Pete

Pete
0 Kudos
Reply
uadm26
Super Advisor

‎06-02-2005 10:37 PM

‎06-02-2005 10:37 PM

Re: Block all users access to the system

Hi,

Single user is'nt a good option cus some aplications will still up, like ftp applications and DB Oracle too.
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎06-02-2005 10:37 PM

‎06-02-2005 10:37 PM

Re: Block all users access to the system

touch /etc/nologin

and see http://forums1.itrc.hp.com/service/forums/questionanswer.do?admit=716493758+1117794907486+28353475&threadId=147806


live free or die
harry d brown jr
Live Free or Die
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎06-02-2005 10:40 PM

‎06-02-2005 10:40 PM

Re: Block all users access to the system

Presently, you can write a shell wrapper as,

#!/bin/ksh

if [[ $LOGNAME != "root" ]]
then
echo "Permission denied to change UID"
echo "contact root"
sleep 1
exit 1
fi

========

Move /usr/sbin/usermod to /usr/sbin/usermodold and put this wrapper as /usr/sbin/usermod

It will work. And you may create users without -o option also.


hth.
Easy to suggest when don't know about the problem!
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎06-02-2005 10:41 PM

‎06-02-2005 10:41 PM

Re: Block all users access to the system

I think you are asking the solution to block users available in the system to change their USERID again. Rgt.
Easy to suggest when don't know about the problem!
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎06-02-2005 10:44 PM

‎06-02-2005 10:44 PM

Re: Block all users access to the system

How will some applications still be up in single user mode? Perhaps you're thinking of just running shutdown - I meant rebooting into single user mode. No apps will be started, no users will be able to connect - it sounds like exactly what you wanted???????


Pete

Pete
0 Kudos
Reply
uadm26
Super Advisor

‎06-02-2005 11:12 PM

‎06-02-2005 11:12 PM

Re: Block all users access to the system

Hi,

Thanks for all of you, I've done a script whith all users taht can't login in the system, i can't work in single user cus of users scripts running in cron.
0 Kudos
Reply
Dave Hutton
Honored Contributor

‎06-03-2005 12:55 AM

‎06-03-2005 12:55 AM

Re: Block all users access to the system

No offense. But single user mode there are no filesystems that a user script would be trying to use mounted.

I thought cron ran at a higher run level also.

Anyway, glad to hear you found a way.


0 Kudos
Reply
Devesh Pant_1
Esteemed Contributor

‎06-03-2005 03:00 PM

‎06-03-2005 03:00 PM

Re: Block all users access to the system

I use
# touch /etc/nologin and that way no one logs in and also
# echo console > /etc/securetty
0 Kudos
Reply
Devesh Pant_1
Esteemed Contributor

‎06-03-2005 03:02 PM

‎06-03-2005 03:02 PM

Re: Block all users access to the system

You can also use the /etc/profile to block logins
add this to /etc/profile

TTY=`tty`
if [ $LOGNAME = "root" -a $TTY != "/dev/console" ]
then
echo "No logins allowed at this time, please try back later"
exit 1
fi
0 Kudos
Reply
Nguyen Anh Tien
Honored Contributor

‎06-03-2005 06:49 PM

‎06-03-2005 06:49 PM

Re: Block all users access to the system

disable or folowing service.
#telnet
#rlogin
#ssh (if installed)
HP is simple
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.