HPE Community
Operating System - HP-UX
1847253 Members
3137 Online
110263 Solutions
New Discussion

Re: User Login

 
Evan Sutherland
Occasional Contributor

‎06-17-2003 06:25 AM

‎06-17-2003 06:25 AM

User Login

Is their something like securetty for standard users? reason being, we have several application user accounts which are being used by users, what I would like to do, is to force users to login with their own UID's and then su to these application accounts.

TIA
0 Kudos
Reply
5 REPLIES 5
Massimo Bianchi
Honored Contributor

‎06-17-2003 06:37 AM

‎06-17-2003 06:37 AM

Re: User Login

Hi,
sorry but there is no such thing for normal user.


You have many alternatives, depending ob your needs.

- lock the other account, so they will not be able to login directly

- put a check in the .profile of the users, and if they are connecting from a tty they will be pushed out. you can check this with the "tty" command output.

HTH,
Massimo
0 Kudos
Reply
Massimo Bianchi
Honored Contributor

‎06-17-2003 06:38 AM

‎06-17-2003 06:38 AM

Re: User Login

Forgot: when account is locked, they can only use "su", like you want.

Massimo
0 Kudos
Reply
James A. Donovan
Honored Contributor

‎06-17-2003 06:40 AM

‎06-17-2003 06:40 AM

Re: User Login

You can use the sudo utility to enforce this kind of thing.

Downloadable from http://hpux.cs.utah.edu
Remember, wherever you go, there you are...
0 Kudos
Reply
Umapathy S
Honored Contributor

‎06-17-2003 06:48 AM

‎06-17-2003 06:48 AM

Re: User Login

Evan,
who -m returns the username which was originally logged in. Add this to .profile of the account which you want to bar/not directly login for example oracle.

us=`who -m|awk '{ print $1 }'`
echo user is $us
if [ "$us" = "oracle" ]; then
exit
fi

But the problem here is, the users can see the .profile of oracle and can edit the profile. May be try adding this to /etc/profile. I am yet to test that.

HTH,
Umapathy
Arise Awake and Stop NOT till the goal is Reached!
0 Kudos
Reply
Massimo Bianchi
Honored Contributor

‎06-17-2003 07:04 AM

‎06-17-2003 07:04 AM

Re: User Login

Hi,
i suggest not to to the change in /etc/profile,
because there may be cases (example root) in which you want always to have the proper profile running, in every case, even on single user.


It's better to put it in the users profile, and change ownership so that users cannot modiify it.

HTH,
Massimo
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.