Operating System - HP-UX
1834056 Members
2205 Online
110063 Solutions
New Discussion

Re: Stop root login from x windows but allowing console / com login

 
robert fowler_1
Advisor

Stop root login from x windows but allowing console / com login

Hi

i want to stop root login over x windows but allow console login is this possible.

if I do cat /dev/null >/etc/securetty the root login is disabled completly, but I want to be able to hook up a laptop to the com port on server and login as root if needed.. is this possible

Also adding console to /etc/securetty the same as com port logins???
3 REPLIES 3
Alex Glennie
Honored Contributor

Re: Stop root login from x windows but allowing console / com login

first bit ->

vi /etc/dt/config/Xstartup (copy over from
/usr/dt/config if the file does not exist in /etc/dt/config) for CDE:

if [ $USER = root ] ; then
if [ ! "$DISPLAY = local_hostname:0.0" ] ; then
exit 1
fi
fi

Andrew Cowan
Honored Contributor

Re: Stop root login from x windows but allowing console / com login

If usding Redhat 4.x or Fedora you can run "/usr/sbin/gdmsetup" and got to the "Security" tab. From here you can control remote graphical login.
Mark Nieuwboer
Esteemed Contributor

Re: Stop root login from x windows but allowing console / com login

First put console in /etc/securrity
futher more put in /etc/profile the following:

# custom code for denying generic account login
if logname > /dev/null 2>&1
then
LGNM=`logname`
if egrep "^${LGNM}$" /etc/not_loginable > /dev/null 2>&1
then
echo "\nDirect login not allowed for $LGNM\n"
echo "\nNO remote login allowed for $LGNM (`date '+%D %T'`)\n" |
logger -p user.err -t NOT_LOGINABLE
exit 1
fi
fi

# end custom code

touch file /etc/not_loginable.
Put in this file the users you won't give direct login acces.
This users will still be avialebly with su.

grtz. Mark