[linux] prihlasovanie na konzolu
Matus "fantomas" Uhlar
uhlar na fantomas.sk
Pátek Duben 20 21:43:20 CEST 2001
-> > dobry den!
-> >
-> > mam problem s nedisciplinovanymi pouzivatelmi
-> > ista slecna si zvykla citavat maily priamo na konzole servra
-> > a neda sa presvedcit na citanie mailov prostrednictvom inych pocitacov
-> > (dovod je jasny: brani root-ovi v pristupe na konzolu)
-> >
-> > chcel by som povolit prihlasovanie sa na konzolu len root-ovi
-> > pripadne vvybranemu user-ovi
->
-> uz tu bolo plno navrhov, ale najlepsi je imho /etc/porttime - hlavne ked
-> niekto nema nainstalene PAM :P
->
-> do /etc/porttime si hodis napr.:
-> *:root:Al0000-2400
-> *:*:
->
-> => na konzolu sa moze prihlasit len root (hocikedy), vsetci ostatni
-> dostanu hlasku "Invalid login time".
-> Vyhoda: nepotrebujes PAM, nemenis ziaden .bashrc ani nic podobne a teda
-> neovplyvni to ziadne remote loginy cez ssh/telnet
-> jo, a man porttime
ja by som si dovolil poznamenat - ak ma system uz pam zakomponovany, straca
komentar o nom zmysel ;)
a da sa to vyriesit v pame tiez:
# Uncomment and edit /etc/security/time.conf if you need to set
# time restrainst on logins.
# (Replaces the ORTTIME_CHECKS_ENAB' option from login.defs
# as well as /etc/porttime)
# account requisite pam_time.so
--
Matus "fantomas" Uhlar, sysadmin at NEXTRA, Slovakia; IRCNET admin of *.sk
uhlar na fantomas.sk ; http://www.fantomas.sk/ ; http://www.nextra.sk/
99 percent of lawyers give the rest a bad name.
Další informace o konferenci linux