On Mon, Mar 25, 2013 at 3:11 PM, Bob Proulx <[email protected]> wrote: > Joel Rees wrote: >> I know this is the wrong way to solve the underlying problems, but >> sometimes brute force is required. > > If I were doing that by brute force then instead of using PAM I would > use cron to create and remove a /etc/nologin file. See 'man 5 nologin' > for details of the file. But something like this: > > 0 17 * * * echo "No logins allowed now." > /etc/nologin > 0 5 * * * rm -f /etc/nologin > > That would be brute force. Create the nologin file when you want and > remove it when you want. > > Bob
Except that if you have root login disabled and you have to login in the middle of the night, you have to use a local exploit. However, I did consider setting cron to invoke a script to check for logins every two minutes during the banned time period. Putting a trap in the global postlogin script is another possibility. But if time.conf is functional and I want to claim to be competent with administrating Linux, I guess I'd better learn how to get it working. -- Joel Rees -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/caar43imsloe3k-zwfjusmsxhejrhoce7m37x_davyut9v2s...@mail.gmail.com
