root restrictions
John F Haugh II
jfh at rpp386.cactus.org
Sat Jun 15 14:24:12 AEST 1991
In article <9106132050.AA27815 at ucbvax.Berkeley.EDU> vrbass at atlvmic1.vnet.ibm.com writes:
>>>>I need a mechanism to restrict root logins to the console.
>
> chuser telnet=false rlogin=false
>
>should do the trick if your other terminals are on the network.
>If you have both network and serial terminals, you're going to
>have to go to the secondary authentication methods mentioned
>earlier.
Secondary authentication methods will not work. The "auth2"
method does not cause the authentication to fail if the method
exits with a failure code. In order to do what he is trying
to accomplish you have to have the method be one of the
primary ("auth1") methods.
--
John F. Haugh II | Distribution to | UUCP: ...!cs.utexas.edu!rpp386!jfh
Ma Bell: (512) 255-8251 | GEnie PROHIBITED :-) | Domain: jfh at rpp386.cactus.org
"UNIX signals are not interrupts. Worse, SIGCHLD/SIGCLD is not even a UNIX
signal, it's an abomination." -- Doug Gwyn
More information about the Comp.unix.aix
mailing list