HPE Community
Operating System - HP-UX
1829115 Members
14964 Online
109986 Solutions
New Discussion

Restrict login to a user

 
SOLVED
Go to solution
Daniel Ubeda
Frequent Advisor

‎11-25-2002 09:14 AM

‎11-25-2002 09:14 AM

Restrict login to a user

Hi,

how can I do to restrict a user login ???
I put nologin in /etc/passwd, but I can't do a su to this user ....

thanks
Daniel
0 Kudos
Reply
6 REPLIES 6
Cheryl Griffin
Honored Contributor

‎11-25-2002 09:20 AM

‎11-25-2002 09:20 AM

Solution

Re: Restrict login to a user

If you are trying to restrict login but all su for the user, add the following to your /etc/profile:

name=`logname`
if [ $name = username ]
then
echo $name must use su. no login allowed.
exit
fi
#end

where you replace username with the user you are trying to restrict.
Cheryl
"Downtime is a Crime."
Reply
MANOJ SRIVASTAVA
Honored Contributor

‎11-25-2002 09:31 AM

‎11-25-2002 09:31 AM

Re: Restrict login to a user

Hi Daniel


What we do is to restrict diorect logins of SA's and DBA's , we add the following in /etc/profile


loginid=`who am i | awk '{print $1}'`

echo $loginid
if [ $loginid = oracle ]
then
exit
fi

echo $loginid
if [ $loginid = root ]
then
exit
fi
and that way the user don directly log in , and su collects the log.



Manoj Srivastava
Reply
James R. Ferguson
Acclaimed Contributor

‎11-25-2002 09:31 AM

‎11-25-2002 09:31 AM

Re: Restrict login to a user

Hi Daniel:

Are you thinking of the '/etc/nologin' file and the 'nologin' token in 'etc/default/security'? If so, see 'man (4) security'.

Regards!

...JRF...
0 Kudos
Reply
Daniel Ubeda
Frequent Advisor

‎11-25-2002 11:08 AM

‎11-25-2002 11:08 AM

Re: Restrict login to a user

Thanks to all, I have resolved my problem !!!

James: I don't know the "/etc/nologin" I no find it in man.
Daniel
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎11-25-2002 11:38 AM

‎11-25-2002 11:38 AM

Re: Restrict login to a user

Hi (again):

The man pages I referenced are the 11.11 ones. See 'man 4 security' here:

http://docs.hp.com/hpux/onlinedocs/B2355-90696/B2355-90696.html

For 11.0 you need patches PHCO_25590 & PHCO_26089.

For 11.11 PHCO_24839 and PHCO_25526 provide current patches.

Regards!

...JRF...
0 Kudos
Reply
Daniel Ubeda
Frequent Advisor

‎11-25-2002 11:40 AM

‎11-25-2002 11:40 AM

Re: Restrict login to a user

Ok, thank you very much !!
Daniel
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.