RE: [U2] Preventing Unix Login
To keep users other than root from being able to login do the following: 1. login as root 2. touch /etc/nologin 3. vi /etc/nologin.txt (put in this file the message you want displayed, otherwise users may just think that they forgot their passwd) this is how linux works, other flavors of unix either do the same or something similar dougc Doug Chanco Ultimate Product Development (800) 678-5266 ext 5426 1-512-278-5426 (Direct) [EMAIL PROTECTED] www.activant.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Richard Lewis Sent: Friday, May 21, 2004 12:24 PM To: [EMAIL PROTECTED] Subject: RE: [U2] Preventing Unix Login Don't most flavors of unix support the /etc/nologin file? The contents of that file will be displayed instead of the usual 'Login please' prompt to telnet connections, as well as preventing logins, except from root. Try 'man login' from your unix shell prompt for more info. Just setup the file as /etc/nologin.bak or something, then rename it at the appropriate time, get everyone off, resize, rename the file back. Richard B. Lewis Sr. Software Engineer Dynix [EMAIL PROTECTED] p 801-223-5392 f 801-223-5202 www.dynix.com http://www.dynix.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brutzman, Bill Sent: Friday, May 21, 2004 10:39 AM To: '[EMAIL PROTECTED]' Subject: [U2] Preventing Unix Login We are getting file overflow error messages on our Sales Order files and I want to make sure that nobody can login as it is resizing. Maybe I am overly concerned. We are on UV 8.3.3 on HP-Unix v10. Suggestions are welcome. Bill Brutzman Manager, IT HK MetalCraft Mfg Corp PO Box 775 35 Industrial Road Lodi NJ 07644-0775 973.471.7770 x145 .voice 973.471.9666 .fax www.hkMetalCraft.com [demime 1.01d removed an attachment of type application/octet-stream which had a name of Brutzman, Bill.vcf] --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users Notice: This transmission is for the sole use of the intended recipient(s) and may contain information that is confidential and/or privileged. If you are not the intended recipient, please delete this transmission and any attachments and notify the sender by return email immediately. Any unauthorized review, use, disclosure or distribution is prohibited. --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users
RE: [U2] Preventing Unix Login
Are you asking how or if it is a good idea? If asking How: Disable logins in /etc/profile or if you are more comfortable working in universe disable getting into uv in the uv home directory's VOC UV.LOGIN add somethiong like this bit of code to the top of the paragraph: PA BREAK OFF IF @LOGNAME = root GO OK IF @LOGNAME = brutzman GO OK DISPLAY DOWN FOR MAINTENANCE TRY AGAIN AT SUCH AND SUCH A TIME SLEEP 3 LOGOFF OK: BREAK ON Everyone goes through UV.LOGIN. Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brutzman, Bill Sent: Friday, May 21, 2004 9:39 AM To: '[EMAIL PROTECTED]' Subject: [U2] Preventing Unix Login We are getting file overflow error messages on our Sales Order files and I want to make sure that nobody can login as it is resizing. Maybe I am overly concerned. We are on UV 8.3.3 on HP-Unix v10. Suggestions are welcome. Bill Brutzman Manager, IT HK MetalCraft Mfg Corp PO Box 775 35 Industrial Road Lodi NJ 07644-0775 973.471.7770 x145 .voice 973.471.9666 .fax www.hkMetalCraft.com [demime 1.01d removed an attachment of type application/octet-stream which had a name of Brutzman, Bill.vcf] --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users
Re: [U2] Preventing Unix Login
Can't You use dbpause ? or just stop telnetd ? Lembit Pirn 7+7 Software Tondi 1 Tallinn 11313 Estonia +372 65 66 232 [EMAIL PROTECTED] - Original Message - From: Brutzman, Bill [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 21, 2004 7:39 PM Subject: [U2] Preventing Unix Login We are getting file overflow error messages on our Sales Order files and I want to make sure that nobody can login as it is resizing. Maybe I am overly concerned. We are on UV 8.3.3 on HP-Unix v10. Suggestions are welcome. Bill Brutzman Manager, IT HK MetalCraft Mfg Corp PO Box 775 35 Industrial Road Lodi NJ 07644-0775 973.471.7770 x145 .voice 973.471.9666 .fax www.hkMetalCraft.com [demime 1.01d removed an attachment of type application/octet-stream which had a name of Brutzman, Bill.vcf] --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users
RE: [U2] Preventing Unix Login
LP: I will look into these commands... Thanks for writing. Regards -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Lembit Pirn Sent: Friday, May 21, 2004 1:06 PM To: [EMAIL PROTECTED] Subject: Re: [U2] Preventing Unix Login Can't You use dbpause ? or just stop telnetd ? Lembit Pirn 7+7 Software Tondi 1 Tallinn 11313 Estonia +372 65 66 232 [EMAIL PROTECTED] - Original Message - From: Brutzman, Bill [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 21, 2004 7:39 PM Subject: [U2] Preventing Unix Login We are getting file overflow error messages on our Sales Order files and I want to make sure that nobody can login as it is resizing. Maybe I am overly concerned. We are on UV 8.3.3 on HP-Unix v10. Suggestions are welcome. Bill Brutzman Manager, IT HK MetalCraft Mfg Corp PO Box 775 35 Industrial Road Lodi NJ 07644-0775 973.471.7770 x145 .voice 973.471.9666 .fax www.hkMetalCraft.com [demime 1.01d removed an attachment of type application/octet-stream which had a name of Brutzman, Bill.vcf] --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users
RE: [U2] Preventing Unix Login - UPDATED sorry!!!
vi your inet.sec file and only allow your workstation ip to connect to the server via TELNET , this keeps everyone out but you. put your ip addres on the TELNET line, normally this commented or removed. Bobby Ramirez IT Services Body Wise International 714-368-1260 http://www.bodywise.com/ -Original Message- From: Brutzman, Bill [mailto:[EMAIL PROTECTED] Sent: Friday, May 21, 2004 9:39 AM To: '[EMAIL PROTECTED]' Subject: [U2] Preventing Unix Login We are getting file overflow error messages on our Sales Order files and I want to make sure that nobody can login as it is resizing. Maybe I am overly concerned. We are on UV 8.3.3 on HP-Unix v10. Suggestions are welcome. Bill Brutzman Manager, IT HK MetalCraft Mfg Corp PO Box 775 35 Industrial Road Lodi NJ 07644-0775 973.471.7770 x145 .voice 973.471.9666 .fax www.hkMetalCraft.com [demime 1.01d removed an attachment of type application/octet-stream which had a name of Brutzman, Bill.vcf] --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users
RE: [U2] Preventing Unix Login
Don't most flavors of unix support the /etc/nologin file? The contents of that file will be displayed instead of the usual 'Login please' prompt to telnet connections, as well as preventing logins, except from root. Try 'man login' from your unix shell prompt for more info. Just setup the file as /etc/nologin.bak or something, then rename it at the appropriate time, get everyone off, resize, rename the file back. Richard B. Lewis Sr. Software Engineer Dynix [EMAIL PROTECTED] p 801-223-5392 f 801-223-5202 www.dynix.com http://www.dynix.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brutzman, Bill Sent: Friday, May 21, 2004 10:39 AM To: '[EMAIL PROTECTED]' Subject: [U2] Preventing Unix Login We are getting file overflow error messages on our Sales Order files and I want to make sure that nobody can login as it is resizing. Maybe I am overly concerned. We are on UV 8.3.3 on HP-Unix v10. Suggestions are welcome. Bill Brutzman Manager, IT HK MetalCraft Mfg Corp PO Box 775 35 Industrial Road Lodi NJ 07644-0775 973.471.7770 x145 .voice 973.471.9666 .fax www.hkMetalCraft.com [demime 1.01d removed an attachment of type application/octet-stream which had a name of Brutzman, Bill.vcf] --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users
RE: [U2] Preventing Unix Login
This worked as well in Digital Unix. Anyone logged in, will remain in, just will not allow any new logins. I've done this when rebooting, but still have stuff to startup, and don't want to be in single user mode. I'll touch the nologin file, do what I need then rm it when it's ok to login. I don't know if it will stop ftp logins however. George -Original Message- From: George Gallen [mailto:[EMAIL PROTECTED] Sent: Friday, May 21, 2004 1:14 PM To: [EMAIL PROTECTED] Subject: RE: [U2] Preventing Unix Login Most Unixs have a feature where if you touch a file call nologin, or nologins in either the / or /etc no logins (usually the console is excepted from this) will be allowed. In RH, doing a touch /etc/nologin stops logins George -Original Message- From: Brutzman, Bill [mailto:[EMAIL PROTECTED] Sent: Friday, May 21, 2004 12:39 PM To: '[EMAIL PROTECTED]' Subject: [U2] Preventing Unix Login We are getting file overflow error messages on our Sales Order files and I want to make sure that nobody can login as it is resizing. Maybe I am overly concerned. We are on UV 8.3.3 on HP-Unix v10. Suggestions are welcome. Bill Brutzman Manager, IT HK MetalCraft Mfg Corp PO Box 775 35 Industrial Road Lodi NJ 07644-0775 973.471.7770 x145 .voice 973.471.9666 .fax www.hkMetalCraft.com [demime 1.01d removed an attachment of type application/octet-stream which had a name of Brutzman, Bill.vcf] --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users
RE: [U2] Preventing Unix Login
One flavor of unix we ran looked for an /etc/nologin file. If it existed, it would print the contents of the message and not allow you to login. When we moved off that particular unix, we lost that functionality. This is a nice thing to have for reasons like you speak of. So, we put a statement in the users .profile as such; if test -r /etc/nologin then cat /etc/nologin exit fi We created a Universe command called 'FENCE.UP' that creates the 'nologin' and a 'FENCE.DOWN' that deletes the 'nologin'. Very simple and effective. Since you are on unix and not windows, you could probably do the same. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brutzman, Bill Sent: Friday, May 21, 2004 12:39 PM To: '[EMAIL PROTECTED]' Subject:[U2] Preventing Unix Login We are getting file overflow error messages on our Sales Order files and I want to make sure that nobody can login as it is resizing. Maybe I am overly concerned. We are on UV 8.3.3 on HP-Unix v10. Suggestions are welcome. Bill Brutzman Manager, IT HK MetalCraft Mfg Corp PO Box 775 35 Industrial Road Lodi NJ 07644-0775 973.471.7770 x145 .voice 973.471.9666 .fax www.hkMetalCraft.com [demime 1.01d removed an attachment of type application/octet-stream which had a name of Brutzman, Bill.vcf] --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users
[OT] RE: [U2] Preventing Unix Login
The number of varying methodologies presented in answer to this question reminded me of a quote I read somewhere years ago regarding Unix: Its not really an operating system, its more like a kit that can be used to build one -Original Message- From: Anthony Dzikiewicz [mailto:[EMAIL PROTECTED] One flavor of unix we ran looked for an /etc/nologin file. If it existed, it would print the contents of the message and not allow you to login. When we moved off that particular unix, we lost that functionality. This is a nice thing to have for reasons like you speak of. So, we put a statement in the users .profile as such; if test -r /etc/nologin then cat /etc/nologin exit fi [snip] --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users
RE: [U2] Preventing Unix Login
Here's how I do it in a script named /usr/bin/prevlogin: #!/usr/bin/ksh # Karl # prevlogin, prevent logins # place in /usr/bin if [ $# -ge 1 ] then a=`/bin/echo $1 | /usr/bin/cut -c1 | /usr/bin/tr YN yn` if [ $a = y ] then shift /bin/cp /etc/nologin.klp /etc/nologin chmod 444 /etc/nologin elif [ $a = n ] then if [ -f /etc/nologin ] then /bin/rm /etc/nologin fi else /bin/echo Usage: prevlogin [yn] [message] exit 2 fi else if [ -f /etc/nologin ] then /usr/bin/id | grep 'uid=0' /dev/null if [ $? -ne 0 ] then /bin/cat /etc/nologin /bin/sleep 7 exit 2 fi fi fi ## add to the end of /etc/profile ## after removing one # from each line #PATH=$PATH:`cat /.uvhome`/bin #export PATH ## Track login usage #`date ./loguse.$LOGNAME` #`tail -20 ./loguse.$LOGNAME ./temp.$LOGNAME` #`cp ./temp.$LOGNAME ./loguse.$LOGNAME` #`rm ./temp.$LOGNAME` ## The following line prevents logins if /etc/nologin is present ## AIX already checks for /etc/nologin, so this is redundant # . /usr/bin/prevlogin ## End of prevlogin call Contents of nologin.klp: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * A T T E N T I O NP L E A S E * * There is either System Maintenance or Month End in* * progress. Therefore, you will not be allowed to log * * in at this time. This notice will not be shown when * * it is okay to login and go back to work. Thank you. * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * On AIX the nologin file in /etc is removed on boot up. Be sure to include this capability in rc.local (use the correct file) else you will find as I have that users start referring to you as evil IT guy. Karl On Fri, 2004-05-21 at 11:35, Anthony Dzikiewicz wrote: One flavor of unix we ran looked for an /etc/nologin file. If it existed, it would print the contents of the message and not allow you to login. When we moved off that particular unix, we lost that functionality. This is a nice thing to have for reasons like you speak of. So, we put a statement in the users .profile as such; if test -r /etc/nologin then cat /etc/nologin exit fi We created a Universe command called 'FENCE.UP' that creates the 'nologin' and a 'FENCE.DOWN' that deletes the 'nologin'. Very simple and effective. Since you are on unix and not windows, you could probably do the same. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brutzman, Bill Sent: Friday, May 21, 2004 12:39 PM To: '[EMAIL PROTECTED]' Subject: [U2] Preventing Unix Login We are getting file overflow error messages on our Sales Order files and I want to make sure that nobody can login as it is resizing. Maybe I am overly concerned. We are on UV 8.3.3 on HP-Unix v10. Suggestions are welcome. Bill Brutzman Manager, IT HK MetalCraft Mfg Corp PO Box 775 35 Industrial Road Lodi NJ 07644-0775 973.471.7770 x145 .voice 973.471.9666 .fax www.hkMetalCraft.com [demime 1.01d removed an attachment of type application/octet-stream which had a name of Brutzman, Bill.vcf] --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users -- Karl L. Pearson Director of IT, ATS Industrial Supply Direct: 801-978-4429 Toll-free: 888-972-3182 x29 Fax: 801-972-3888 http://www.atsindustrial.com [EMAIL PROTECTED] --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users
RE: [OT] RE: [U2] Preventing Unix Login
That's kinda true and that's why I love unix. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeff Schasny Sent: Friday, May 21, 2004 2:11 PM To: [EMAIL PROTECTED] Subject:[OT] RE: [U2] Preventing Unix Login The number of varying methodologies presented in answer to this question reminded me of a quote I read somewhere years ago regarding Unix: Its not really an operating system, its more like a kit that can be used to build one -Original Message- From: Anthony Dzikiewicz [mailto:[EMAIL PROTECTED] One flavor of unix we ran looked for an /etc/nologin file. If it existed, it would print the contents of the message and not allow you to login. When we moved off that particular unix, we lost that functionality. This is a nice thing to have for reasons like you speak of. So, we put a statement in the users .profile as such; if test -r /etc/nologin then cat /etc/nologin exit fi [snip] --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users
RE: [OT] RE: [U2] Preventing Unix Login
Or the one: Unix is a very powerful weapon, perpetually aimed at your foot. Jim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeff Schasny Sent: Friday, May 21, 2004 1:11 PM To: [EMAIL PROTECTED] Subject:[OT] RE: [U2] Preventing Unix Login The number of varying methodologies presented in answer to this question reminded me of a quote I read somewhere years ago regarding Unix: Its not really an operating system, its more like a kit that can be used to build one --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users
RE: [U2] Preventing Unix Login
with Redhat, the /etc/nologin.txt will only be displayed when the users shell is listed as a nologin shell. otherwise the contents of /etc/nologin is displayed. If you only touch it, nothing will be displayed, but no login will take place. George -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, May 21, 2004 3:25 PM To: [EMAIL PROTECTED] Cc: Doug Chanco Subject: RE: [U2] Preventing Unix Login Non-member submission from [Doug Chanco [EMAIL PROTECTED]] To keep users other than root from being able to login do the following: 1. login as root 2. touch /etc/nologin 3. vi /etc/nologin.txt (put in this file the message you want displayed, otherwise users may just think that they forgot their passwd) this is how linux works, other flavors of unix either do the same or something similar dougc Doug Chanco Ultimate Product Development (800) 678-5266 ext 5426 1-512-278-5426 (Direct) [EMAIL PROTECTED] www.activant.com --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users --- u2-users mailing list [EMAIL PROTECTED] http://www.u2ug.org/listinfo/u2-users