Top Document: comp.sys.hp.hpux FAQ Previous Document: 5.1.2 Why are mail files in /var/mail owned by 'daemon' instead of the recipient? Next Document: 5.1.4 How can I disable non-root logins? See reader questions & answers on this topic! - Help others by sharing your knowledge Added: 04/02/01 For a terminal console ====================== If the /etc/securetty file is present, login security is in effect. User root is only allowed to log in successfully on the ttys listed in this file. Restricted ttys are listed by device name, one per line. Valid tty names are dependent on the installation. So to restrict root logins to only the console: # echo console >/etc/securetty The use of /etc/securetty is documented in login(1). For a CDE console ================= Create a file named 'nologin' in /etc/: # >/etc/nologin Then add something like this to your /etc/dt/config/Xstartup file: if pwget -n "$USER" | awk -F: '{exit !($3 == 0)}'; then if [ -f /etc/nologin ] || \ grep '^console$' /etc/securetty >/dev/null 2>&1; then echo "[$(date)] non-root login attempt from CDE console -" \ "access denied" >>/var/adm/console_login_attempts_log exit 1 fi fi See dtlogin(1) for a detailed description of the Xstartup file. User Contributions:Top Document: comp.sys.hp.hpux FAQ Previous Document: 5.1.2 Why are mail files in /var/mail owned by 'daemon' instead of the recipient? Next Document: 5.1.4 How can I disable non-root logins? Single Page [ Usenet FAQs | Web FAQs | Documents | RFC Index ] Send corrections/additions to the FAQ Maintainer: hpux.faq@gmail.com
Last Update March 27 2014 @ 02:11 PM
|
Comment about this article, ask questions, or add new information about this topic: