HPE Community
Operating System - HP-UX
1836546 Members
2334 Online
110102 Solutions
New Discussion

no home no access

 
tenon_2
Occasional Contributor

‎12-21-2004 07:56 PM

‎12-21-2004 07:56 PM

no home no access

hi,

i've got a little soucy :
i would like to know how i can deny access to a real nis user if there is no user home directory ?

thank you
0 Kudos
Reply
8 REPLIES 8
Robert-Jan Goossens
Honored Contributor

‎12-21-2004 08:11 PM

‎12-21-2004 08:11 PM

Re: no home no access

Hi Tenon,

You could remove him from the passwd file.

Regards,
Robert-Jan
0 Kudos
Reply
tenon_2
Occasional Contributor

‎12-21-2004 08:27 PM

‎12-21-2004 08:27 PM

Re: no home no access

hi back,

hum ! good answer for my stupid question ... but i explain what i wanted to say :
i've a nis server for 4 hpux and i would like to accept access just for 1 or 2 or ... hpux because i don't want any people on any hpux (because each hpux are specific (abacus, fortran, marc ...)
and i was thinking if a user didn't have a home directory -> no access
so i just have to create home directory to give access for a specific station... crazy or not ?

thank you
0 Kudos
Reply
Robert-Jan Goossens
Honored Contributor

‎12-21-2004 08:55 PM

‎12-21-2004 08:55 PM

Re: no home no access

Ok,

Lets say we have three servers.

hp01 - nis master
passwd file user
gorj:tyf2EuWEo:104:20:Robert-Jan,,,:/home/robert:/usr/bin/ksh
tenon:OawEuWEo:105:20:Tenon,,,:/home/tenon:/usr/bin/ksh

hp02 app server nis client
you only like to give access to tenon
passwd file
+tenon

hp03 app2 server nis client
all users (2) can access this server
passwd file
+tenon
+robert

Is this an answer to your question ?

Robert-Jan
0 Kudos
Reply
tenon_2
Occasional Contributor

‎12-21-2004 09:15 PM

‎12-21-2004 09:15 PM

Re: no home no access

hi 'll be back


good answer ... i understand that i need to remind me nis documentation ...

last question but not so important

how can i deny access for someone on my nis server and give access for the other hpux station ... it's the same ?

#nis server /etc/passwd
tenon:nfaknjfks
-tenon
# other hpux station & nis client
+tenon

is it good ????

NB: realy thank you
because you remind me that i'm litle player ;)
0 Kudos
Reply
Robert-Jan Goossens
Honored Contributor

‎12-21-2004 09:49 PM

‎12-21-2004 09:49 PM

Re: no home no access

Hi Tenon,

I don't think that is possible.

the + is a nis client option not a nis server option.

Best regards,
Robert-Jan
0 Kudos
Reply
Robert-Jan Goossens
Honored Contributor

‎12-21-2004 10:03 PM

‎12-21-2004 10:03 PM

Re: no home no access

Check this doc for more information.

http://www.docs.hp.com/en/B1031-90043/ch04.html

If you have more questions, don't hesitate asking them :-)

Best regards,
Robert-Jan
0 Kudos
Reply
Gordon Morrison
Trusted Contributor

‎12-22-2004 04:16 AM

‎12-22-2004 04:16 AM

Re: no home no access

See "man security"
There's a setting called "ABORT_LOGIN_ON_MISSING_HOMEDIR"
What does this button do?
0 Kudos
Reply
Victor Fridyev
Honored Contributor

‎12-22-2004 04:50 AM

‎12-22-2004 04:50 AM

Re: no home no access

Hi,

You can use groups for this. Create groups fortran, abacus etc and check the user's group in /etc/profile.
See an example: only users belonging to 223 and 277 may log in
UID=$(/usr/bin/id -u $LOGNAME)
if [ $UID -gt 30 ]; then
FLEX=0
GRP_LIST="223 277"
for ugroup in $(id -G); do
for grp in $GRP_LIST; do
if [ $ugroup -eq $grp ]; then
FLEX=1
break 2
fi
done
done
if [ $FLEX -eq 0 ]; then
exit
fi
fi

HTH
Entities are not to be multiplied beyond necessity - RTFM
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.