Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!seismo!rutgers!sri-unix!sri-spam!ames!sdcsvax!ucsdhub!jack!man!nu3b2!rwhite
From: rwhite@nu3b2.UUCP (Robert C. White Jr.)
Newsgroups: comp.unix.questions
Subject: Re: Disabling logins under System V
Message-ID: <1127@nu3b2.UUCP>
Date: Fri, 24-Jul-87 22:19:23 EDT
Article-I.D.: nu3b2.1127
Posted: Fri Jul 24 22:19:23 1987
Date-Received: Sun, 26-Jul-87 00:54:40 EDT
References: <905@woton.UUCP> <1309@chinet.UUCP> <1536@ulowell.cs.ulowell.edu> <3010@pegasus.UUCP>
Organization: National University, San Diego
Lines: 28
Keywords: login
Summary: Or else use inittab.

> <  riddle@woton.UUCP writes:
> < < < < < < < Still, a from-scratch login is the only full-proof way to do it.

	If you have a run state left [say 3 or 4]  define the runstate
to allow logins at the console only.  Try adding a 3 after every 2 in the
runstate field of every line that has a 2 in inittab execpt for the
getty entries.  Then "init 3" or "telinit 3" will turn off the logins
and "init 2" or "telinit 2" will restore the login potental.
	If you are doing system adminstration functions "telinit s",
"init s", "telinit 1", and "init 1" will terminate everything execpt
the session at "/dev/syscon", init, and the swapper tasks, you may
have to remount the user partition, but it IS secure for some reasons.

	All the "telinit" commands may be preformed from cron, but cron
dies under "telinit 1" [... s ... etc] so the telinit to return to 2
MUST be part of any cron[ed] scripts.


Robert.

Disclaimer:  My mind is so fragmented by random excursions into a
	wilderness of abstractions and incipient ideas that the
	practical purposes of the moment are often submerged in
	my consciousness and I don't know what I'm doing.
		[my employers certainly have no idea]