Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!uunet!seismo!rutgers!sri-unix!sri-spam!ames!sdcsvax!ucsdhub!jack!man!nu3b2!rwhite From: rwhite@nu3b2.UUCP (Robert C. White Jr.) Newsgroups: comp.unix.questions Subject: Re: Disabling logins under System V Message-ID: <1127@nu3b2.UUCP> Date: Fri, 24-Jul-87 22:19:23 EDT Article-I.D.: nu3b2.1127 Posted: Fri Jul 24 22:19:23 1987 Date-Received: Sun, 26-Jul-87 00:54:40 EDT References: <905@woton.UUCP> <1309@chinet.UUCP> <1536@ulowell.cs.ulowell.edu> <3010@pegasus.UUCP> Organization: National University, San Diego Lines: 28 Keywords: login Summary: Or else use inittab. > <riddle@woton.UUCP writes: > < < < < < < < Still, a from-scratch login is the only full-proof way to do it. If you have a run state left [say 3 or 4] define the runstate to allow logins at the console only. Try adding a 3 after every 2 in the runstate field of every line that has a 2 in inittab execpt for the getty entries. Then "init 3" or "telinit 3" will turn off the logins and "init 2" or "telinit 2" will restore the login potental. If you are doing system adminstration functions "telinit s", "init s", "telinit 1", and "init 1" will terminate everything execpt the session at "/dev/syscon", init, and the swapper tasks, you may have to remount the user partition, but it IS secure for some reasons. All the "telinit" commands may be preformed from cron, but cron dies under "telinit 1" [... s ... etc] so the telinit to return to 2 MUST be part of any cron[ed] scripts. Robert. Disclaimer: My mind is so fragmented by random excursions into a wilderness of abstractions and incipient ideas that the practical purposes of the moment are often submerged in my consciousness and I don't know what I'm doing. [my employers certainly have no idea]