HPE Community
Operating System - Linux
1829103 Members
2213 Online
109986 Solutions
New Discussion

disable user login

 
SOLVED
Go to solution
peterchu
Super Advisor

‎03-30-2004 09:13 PM

‎03-30-2004 09:13 PM

disable user login

our users use telnet to access our linux system , how to temporaily disable user login and only accept system administrator to telnet to the system ? thx
0 Kudos
Reply
7 REPLIES 7
Karthik S S
Honored Contributor

‎03-30-2004 09:26 PM

‎03-30-2004 09:26 PM

Solution

Re: disable user login

In /etc/profile add the following lines,

user=`whoami`
if [ $user != root ]
then
exit
fi

-Karthik S S
For a list of all the ways technology has failed to improve the quality of life, please press three. - Alice Kahn
Reply
Mark Grant
Honored Contributor

‎03-30-2004 10:08 PM

‎03-30-2004 10:08 PM

Re: disable user login

Actually, there is a simpler way.

> /etc/nologin

the Linux "login" command will only allow root to login if /etc/nologin exists.
Never preceed any demonstration with anything more predictive than "watch this"
Reply
Karthik S S
Honored Contributor

‎03-30-2004 10:22 PM

‎03-30-2004 10:22 PM

Re: disable user login

Oh .. I didn't know about that...!!

Does it apply to hp-ux as well??

-Karthik S S
For a list of all the ways technology has failed to improve the quality of life, please press three. - Alice Kahn
Reply
Mark Grant
Honored Contributor

‎03-30-2004 10:35 PM

‎03-30-2004 10:35 PM

Re: disable user login

Karthik, Hi!

I thought it did but it doesn't look like it. You could of course, modify your code above to include a check for /etc/nologin and then it would work on HPUX too :)
Never preceed any demonstration with anything more predictive than "watch this"
Reply
Karthik S S
Honored Contributor

‎03-30-2004 10:42 PM

‎03-30-2004 10:42 PM

Re: disable user login

Hi Mark :-),

This is for you ;-)

user=`whoami`
grep $user /etc/nologin
if [ $? -eq 0 ]
then
exit
fi

/etc/nologin will contain users to be ignored.

-Karthik S S
For a list of all the ways technology has failed to improve the quality of life, please press three. - Alice Kahn
Reply
Fred Ruffet
Honored Contributor

‎03-30-2004 11:30 PM

‎03-30-2004 11:30 PM

Re: disable user login

You could also modify user to use /bin/false as shell :
usermod -s /bin/false
--

"Reality is just a point of view." (P. K. D.)
Reply
Stuart Browne
Honored Contributor

‎03-31-2004 01:59 PM

‎03-31-2004 01:59 PM

Re: disable user login

What Karthik was referring too was a default on a RH system.. From '/etc/pam.d/login':

auth required /lib/security/pam_nologin.so

This rule states that if the /etc/nologin file exists, it will not allow logins at that time.

From '/usr/share/doc/pam-0.75/txts/README.pam_nologin':

This module always lets root in; it lets other users in only if the file /etc/nologin doesn't exist. In any case, if /etc/nologin exists, it's contents are displayed to the user.
One long-haired git at your service...
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.