HPE Community
Operating System - Linux
1828019 Members
1970 Online
109973 Solutions
New Discussion

Re: Restrict user logins when using NIS

 
SOLVED
Go to solution
David Spencer_1
Advisor

‎06-29-2005 02:47 AM

‎06-29-2005 02:47 AM

Restrict user logins when using NIS

I'm running RH 3 update 3 and want to restrict logins to our Admin team on our critcial servers. The systems are using NIS for password and group information. I created local logins for admins which work but need to disable the general users accounts from logging in. How can this be accomplished?
(These servers are also NIS slave servers.)
Thanks.
0 Kudos
3 REPLIES 3
Stuart Browne
Honored Contributor

‎06-29-2005 03:06 AM

‎06-29-2005 03:06 AM

Solution

Re: Restrict user logins when using NIS

If you've got a fixed, known-list of allowed logins for these machines, then '/etc/pam.d/login' is your friend.

Read the documentation (in '/usr/share/doc/pam-0*/txts/') with regards to 'pam_wheel' and 'pam_listfile'.

One of these two will be able to restrict based on the user they are logging in as, or the group they belong to.
One long-haired git at your service...
0 Kudos
Ivan Ferreira
Honored Contributor

‎06-29-2005 03:07 AM

‎06-29-2005 03:07 AM

Re: Restrict user logins when using NIS

You can modify the /etc/pam.d/login file an stack an listfile restriction, like this:

auth required pam_listfile.so item=user sense=allow file=/etc/adminusers
onerr=fail

So only users listed on /etc/adminusers will be allowed to login.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
David Spencer_1
Advisor

‎06-29-2005 04:11 AM

‎06-29-2005 04:11 AM

Re: Restrict user logins when using NIS

The /etc/pam.d/login edits work fine for my log in restrictions. Thanks for the assistance.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.