SUMMARY: not allowing users to login to an NFS server

From: andchan@ccu.umanitoba.ca
Date: Fri May 31 1991 - 12:58:19 CDT


Thanks for the almost immediate replies!

Summary of my question:

Trying to disallow logins for all but a selected few managers but still knowing
who everybody was via NIS.

Summary of solutions (in order of suitabilty for our situation):

1. put the following entry at the end of /etc/passwd

+@admin::0:0::: (this is optional and admin is a netgroup)
+::0:0:::/usr/local/etc/not_welcome

where not_welcome can be a simple script that type out a messages telling
users to use other machines instead.

This will take care of almost everything, telnet, ftp, rlogin and rsh.

For explanation see "man 5 passwd"

2. create a file /etc/nologin and both telnet and rlogin will be taken
   care of. [see man login]

   Only root can login when an /etc/nologin file exists. This does not prevent
   rsh or ftp.

3. remove entries for in.telnetd, in.rshd and in.rlogind.

======================

Most people seem to like solution 1. I feel grateful to all who responded,
in order of mail arrival:

jeg@ced.berkeley.edu
datri@lovecraft.convex.com [who interestingly suggest that we should forget
                                about NIS]
magi@csd.uwo.ca
brendan@cs.widener.edu
jgreely@cis.ohio-state.edu
edguer@alpha.ces.cwru.edu
macphed@dvinci.usask.ca
trc@uludag.ESD.3Com.COM
johnb@edge.CIS.McMaster.CA



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:06:14 CDT