Thanks to:
S. Khemmanivanh [somckit_at_u.washington.edu]
John Speno [speno_at_isc.upenn.edu]
Bryan Lavelle [Bryan.Lavelle_at_digital.com]
David J. DeWolfe [sxdjd_at_java.sois.alaska.edu]
Partin.Kevin [KPartin_at_hou.mdc.com]
Glenda D. Monzon [gmonzon_at_dticam.dtic.mil]
Mike Metelski [mmetelski_at_dttus.com]
Simon.Millard_at_barclays.co.uk
Martin Mokrejs [mmokrejs_at_natur.cuni.cz]
Ryan Ziegler [Zieglerr_at_novachem.com]
Robin Kundert [rkundert_at_spu.edu]
Cy Schubert [cschuber_at_uumail.gov.bc.ca]
A statement I made was wrong and was corrected almost immediately.
/etc/nologin _doesn't_ stop root from logging in. The suggestions boiled
down to three types succinctly summarized by Cy Shubert:
---------------------------
Touch /etc/nologin before your backups, then delete the file when you
are done. Any sessions that are already established will not be
affected. Any new sessions, including those made by administrative
staff, will be denied.
Another alternative would be to alter /etc/profile or /etc/csh.system
to log out specified users during a certain time period, giving you an
automated approach for doing this.
Finally, IIRC, C2 Security has the option to deny certain users login
privileges during certain times of day.
Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
Open Systems Group Internet: Cy.Schubert_at_uumail.gov.bc.ca
ITSD Cy.Schubert_at_gems8.gov.bc.ca
Province of BC
----------------------------
Thanks to all!
Daniel Monjar
Manager, Systems
Organon Teknika
Mailto:Daniel.Monjar_at_orgtek.com
-----Original Message-----
From: Monjar, Daniel [mailto:Monjar_at_orgtek.com]
Sent: Tuesday, January 05, 1999 2:40 PM
To: 'alpha-osf-managers_at_ornl.gov'
Subject: stopping interactive logins
Another "VMS can do it, can Unix?" type question... Under VMS I can limit
interactive logins with a command (set login/inter=0). Commonly used when I
want the system to myself, like during backups. One feature of this is that
it prevents normal users from logging in but still allows members of the
system group (based on group UIC) interactive logins. Can I do something
similar under DEC Unix? I know of the function of /etc/nologin but that
seems to stop root login as well.
Daniel Monjar
Manager, Systems
Organon Teknika
Mailto:Daniel.Monjar_at_orgtek.com
Received on Thu Jan 07 1999 - 15:36:38 NZDT