Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!seismo!husc6!bloom-beacon!bu-cs!m2c!ulowell!eagle.cs.ulowell.edu!arosen
From: arosen@eagle.CS.ULowell.Edu (Andy Rosen)
Newsgroups: comp.unix.questions
Subject: Re: Disabling logins under System V
Message-ID: <1536@ulowell.cs.ulowell.edu>
Date: Fri, 17-Jul-87 23:28:07 EDT
Article-I.D.: ulowell.1536
Posted: Fri Jul 17 23:28:07 1987
Date-Received: Sat, 18-Jul-87 19:35:27 EDT
References: <905@woton.UUCP> <1309@chinet.UUCP>
Sender: nntp@ulowell.cs.ulowell.edu
Reply-To: arosen@eagle.cs.ulowell.edu (Andy Rosen)
Organization: University of Lowell, CS Dept
Lines: 31

In article <1309@chinet.UUCP> randy@chinet.UUCP (Randy Suess) writes:
>In article <905@woton.UUCP> riddle@woton.UUCP writes:
>>I am looking for some advice about the preferred way to temporarily
>>disable all user logins under System V.  What I want is something
>>analogous to the BSD "/etc/nologin" file (or is that what it's really
>
>	A friend of mine wrote a /bin/login from scratch that implements
>the /etc/nologin feature.

This is the best solution I've seen so far.  It will work whatever shell
a user has, and you don't need source.  A simple test in login.c like

  if ((pwd->pw_uid != 0) && ((fp = fopen("/etc/nologin", "r")) == NULL))

will restrict logins to root if /etc/nologin is there.  But, of course,
you need source to do this.

The solution I used, was to write a program that would be everyones login
shell.  It checks for nologins and such and then execs sh/csh [the method
I use to decide which one is primitive, but serves the purpose for now].

The only problem I see coming out of this, are programs that use the
pw_shell field of the passwd struct.  Su is one, and this brings back the
problem of needing source.  Su was easy enough to rewrite around this, and
I haven't found any others that broke.

Still, a from-scratch login is the only full-proof way to do it.

Andy Rosen         | ulowell!arosen | ************* | "I got this guitar and I
ULowell, Box #3031 |                | * RD in '88 * |  learned how to make it
Lowell, Ma 01854   |                | ************* |  talk" -Thunder Road