HPE Community
Operating System - HP-UX
1832955 Members
2763 Online
110048 Solutions
New Discussion

Re: Disable direct login to 'generic' application account

 
rudy smith_1
Occasional Advisor

‎02-09-2004 07:47 AM

‎02-09-2004 07:47 AM

Disable direct login to 'generic' application account

Hi, I believe this has been discussed here previously but I cant seem to find the link to the associated message. I would like to find a way to disable direct access to a particular account. What I would like to do is as follows:

have user login to user account

su to generic application account

Any assistance on this topic would be greatly appreciated.
If all else fails...read the manual!
0 Kudos
Reply
4 REPLIES 4
Jeff Schussele
Honored Contributor

‎02-09-2004 07:52 AM

‎02-09-2004 07:52 AM

Re: Disable direct login to 'generic' application account

Hi Rudy,

We set up a file in /var/adm called .generic_login to hold all the generic login usernames and then add a section to /etc/profile as follows:

KEY3=`grep "${LOGNAME}" /var/adm/.generic_login`
if [ "${KEY3}" != "" ]; then
if [ "${WHO2}" = "${LOGNAME}" -a "${LOGNAME}" != "root" ]; then
if [ ! "$VUE" ]; then
echo "\007\n\n+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+"
echo " You cannot login as ${LOGNAME}!!!"
echo " Login as yourself and su to ${LOGNAME}."
echo "+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+"
sleep 5
exit
else
hpterm -bg black -fg yellow -bd red -bw 4 \
-fn courb14 -geometry 80x24+140+165 \
-T 'W A R N I N G' -e '/etc/vue/config/error3'
exit
fi
fi
fi

Works well.

HTH,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
rudy smith_1
Occasional Advisor

‎02-09-2004 07:59 AM

‎02-09-2004 07:59 AM

Re: Disable direct login to 'generic' application account

Hi Jeff,

Thanks a bunch. We will try that.
If all else fails...read the manual!
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎02-09-2004 08:07 AM

‎02-09-2004 08:07 AM

Re: Disable direct login to 'generic' application account

Oh & of course both those files should be 644 or tighter (444) so that the users cannot alter them.

Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
rudy smith_1
Occasional Advisor

‎02-09-2004 08:08 AM

‎02-09-2004 08:08 AM

Re: Disable direct login to 'generic' application account

Yes, have thought of that one.

Thanks again!
If all else fails...read the manual!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.