Keep them out!
Chip Rosenthal
chip at chinacat.Unicom.COM
Sun May 27 06:01:03 AEST 1990
In article <304 at fryepro.UUCP> gary at fryepro.UUCP (Gary L. Scorby) writes:
>[On SCO XENIX 2.3.2] Is there a command that allows the super user to stop
>anyone from logging in for a period of time?
No. The "login" program does not support this kind of feature. However,
there is hook in /etc/gettydefs which will help. You can specify a program
to run in the 6th field rather than defaulting to /etc/login. So, you might
create an /etc/loginchk from the following:
#include <stdio.h>
#define LOGINLCK "/etc/nologin"
main()
{
if ( access(LOGINLCK,0) == 0 ) {
fputs("Logins are temporarily disabled. Try again later.\n",stderr);
exit(1);
}
execl("/etc/login","login",(char *)NULL);
fputs("loginchk: exec login failed\n",stderr);
exit(1);
}
If you take this approach, "loginchk" should be installed owned by "bin"
with permissions 4500 (that is, setuid to bin).
An easier approach if all your users run the same shell, say /bin/sh,
is just stick:
if [ -f /etc/nologin ] ; then
echo Logins are temporarily disabled. Try again later.
exit 1
fi
into /etc/profile. For csh, change syntax appropriately and use /etc/cshrc.
*WARNING* Before you go about doing anything like this, you should add
an escape hatch so that root can bypass this check, otherwise you can
lock the door behind you.
--
Chip Rosenthal | You aren't some icon carved out
chip at chinacat.Unicom.COM | of soap, sent down here to clean
Unicom Systems Development, 512-482-8260 | up my reputation. -John Hiatt
More information about the Comp.unix.xenix
mailing list