Date: 09 May 2001 12:05:20 -0400 From: Chris Shenton <chris@shenton.org> To: freebsd-questions@FreeBSD.ORG Subject: Restrict login access if no homedir? /etc/login.access group? Message-ID: <87y9s6fqyn.fsf@thanatos.shenton.org> In-Reply-To: "Kam Salisbury"'s message of "Fri, 06 Apr 2001 12:12:02 -0000"
next in thread | raw e-mail | index | archive | help
I support a couple small ISPs and I use ssh to sync /etc/master.passwd and group between the systems (instead of something like NIS). On some critical systems (e.g., DNS, RADIUS) I don't want the normal users' entries in /etc/master.passwd to allow them login access to the server. For shell and www/ftp servers, I do want them to have access. Here are couple mechanisms to restrict this on a host-by-host mechanism while keeping the same master.passwd file that come to mind, but I could use some clarification: 1. Prevent login access if the user's homedir is non-existent. Is there a way to set this? Most systems will log you in and put you in "/", not what I want. 2. Put an entry in /etc/login.access like: -:ALL EXCEPT wheel sysadm staff shutdown sync:ALL to allow only users shutdown|sync and users in groups wheel|sysadm|staff to have login access. Suggestions? Thanks. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87y9s6fqyn.fsf>