Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!uunet!seismo!husc6!bloom-beacon!bu-cs!m2c!ulowell!eagle.cs.ulowell.edu!arosen From: arosen@eagle.CS.ULowell.Edu (Andy Rosen) Newsgroups: comp.unix.questions Subject: Re: Disabling logins under System V Message-ID: <1536@ulowell.cs.ulowell.edu> Date: Fri, 17-Jul-87 23:28:07 EDT Article-I.D.: ulowell.1536 Posted: Fri Jul 17 23:28:07 1987 Date-Received: Sat, 18-Jul-87 19:35:27 EDT References: <905@woton.UUCP> <1309@chinet.UUCP> Sender: nntp@ulowell.cs.ulowell.edu Reply-To: arosen@eagle.cs.ulowell.edu (Andy Rosen) Organization: University of Lowell, CS Dept Lines: 31 In article <1309@chinet.UUCP> randy@chinet.UUCP (Randy Suess) writes: >In article <905@woton.UUCP> riddle@woton.UUCP writes: >>I am looking for some advice about the preferred way to temporarily >>disable all user logins under System V. What I want is something >>analogous to the BSD "/etc/nologin" file (or is that what it's really > > A friend of mine wrote a /bin/login from scratch that implements >the /etc/nologin feature. This is the best solution I've seen so far. It will work whatever shell a user has, and you don't need source. A simple test in login.c like if ((pwd->pw_uid != 0) && ((fp = fopen("/etc/nologin", "r")) == NULL)) will restrict logins to root if /etc/nologin is there. But, of course, you need source to do this. The solution I used, was to write a program that would be everyones login shell. It checks for nologins and such and then execs sh/csh [the method I use to decide which one is primitive, but serves the purpose for now]. The only problem I see coming out of this, are programs that use the pw_shell field of the passwd struct. Su is one, and this brings back the problem of needing source. Su was easy enough to rewrite around this, and I haven't found any others that broke. Still, a from-scratch login is the only full-proof way to do it. Andy Rosen | ulowell!arosen | ************* | "I got this guitar and I ULowell, Box #3031 | | * RD in '88 * | learned how to make it Lowell, Ma 01854 | | ************* | talk" -Thunder Road