Operating System - Linux
1839171 Members
2577 Online
110136 Solutions
New Discussion

Restrict user logins when using NIS

 
SOLVED
Go to solution
David Spencer_1
Advisor

Restrict user logins when using NIS

I'm running RH 3 update 3 and want to restrict logins to our Admin team on our critcial servers. The systems are using NIS for password and group information. I created local logins for admins which work but need to disable the general users accounts from logging in. How can this be accomplished?
(These servers are also NIS slave servers.)
Thanks.
3 REPLIES 3
Stuart Browne
Honored Contributor
Solution

Re: Restrict user logins when using NIS

If you've got a fixed, known-list of allowed logins for these machines, then '/etc/pam.d/login' is your friend.

Read the documentation (in '/usr/share/doc/pam-0*/txts/') with regards to 'pam_wheel' and 'pam_listfile'.

One of these two will be able to restrict based on the user they are logging in as, or the group they belong to.
One long-haired git at your service...
Ivan Ferreira
Honored Contributor

Re: Restrict user logins when using NIS

You can modify the /etc/pam.d/login file an stack an listfile restriction, like this:

auth required pam_listfile.so item=user sense=allow file=/etc/adminusers
onerr=fail

So only users listed on /etc/adminusers will be allowed to login.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
David Spencer_1
Advisor

Re: Restrict user logins when using NIS

The /etc/pam.d/login edits work fine for my log in restrictions. Thanks for the assistance.