01-11-2006
This is mentioned in "man login". Basicly just put "console" in /etc/securetty. Then except for /dev/console, root cannot login.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
All,
I want to run a non-root script as the root user with non-root environment variables with crontab. The non-root user would have environment variables for database access such as Oracle or Sybase. The root user does not have the Oracle or Sybase enviroment variables. I thought you could do... (2 Replies)
Discussion started by: bubba112557
2 Replies
2. UNIX for Dummies Questions & Answers
Hi folks,
I'm trying to install a program, and I want to place some of the executables into /usr/bin so that they can be executed from any folder on the computer. I've been giveng the root password, but told never to log in directly as root. Instead, I can wait for a password prompt. However, I... (2 Replies)
Discussion started by: lunchtime
2 Replies
3. AIX
Hi, yesterday, I changed root's shell in /etc/passwd, cause a mistake then I can not log in root account (can't find correct shell). I attempted to log in single-mode, however, it prompted for single-mode's password then I type root's password but still can not log in.
I'm using AIX 5L version 5.2... (2 Replies)
Discussion started by: neikel
2 Replies
4. UNIX for Dummies Questions & Answers
hi
i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help
Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies
5. Solaris
Hi All
Hope it's okay to post on this sub-forum, couldn't find a better place
I've got a 480R running solaris 8 with veritas volume manager managing all filesystems, including an encapsulated root disk (I believe the root disk is encapsulated as one of the root mirror disks has an entry under... (1 Reply)
Discussion started by: sunnyd76
1 Replies
6. Solaris
Hi All
After downloading ZFS documentation from oracle site, I am able to successfully migrate UFS root FS without zones to ZFS root FS. But in case of UFS root file system with zones , I am successfully able to migrate global zone to zfs root file system but zone are still in UFS root file... (2 Replies)
Discussion started by: sb200
2 Replies
7. SuSE
I access over 100 SUSE SLES servers as root from my admin server, via ssh sessions using ssh keys, so I don't have to enter a password. My SUSE Admin server is setup in the following manner:
1) Remote root access is turned off in the sshd_config file.
2) I am the only user of this admin... (6 Replies)
Discussion started by: dvbell
6 Replies
8. Shell Programming and Scripting
I need to list users in /etc/passwd with root's GID or UID or /root as home directory
If we have these entries in /etc/passwd
root:x:0:0:root:/root:/bin/bash
rootgooduser1:x:100:100::/home/gooduser1:/bin/bash
baduser1:x:0:300::/home/baduser1:/bin/bash... (6 Replies)
Discussion started by: anil510
6 Replies
9. UNIX for Dummies Questions & Answers
I had a question in my test which asked where suppose user B has a program with 's' bit set. Can user A run this program and gain root privileges in any way?
I suppose not as the suid program run with privileges of owner and this program will run with B's privileges and not root. (1 Reply)
Discussion started by: syncmaster
1 Replies
10. UNIX for Beginners Questions & Answers
i do not have root on a solairs 10 server , however i do have the root role, i was wondering if I can change the root password as a a role with the passwd command? I have not tried yet.
and do i have to use the # chgkey -p afterwards?
i need to patch is why i am asking.
thanks (1 Reply)
Discussion started by: goya
1 Replies
LEARN ABOUT PHP
pam_securetty
PAM_SECURETTY(8) Linux-PAM Manual PAM_SECURETTY(8)
NAME
pam_securetty - Limit root login to special devices
SYNOPSIS
pam_securetty.so [debug]
DESCRIPTION
pam_securetty is a PAM module that allows root logins only if the user is logging in on a "secure" tty, as defined by the listing in
/etc/securetty. pam_securetty also checks to make sure that /etc/securetty is a plain file and not world writable. It will also allow root
logins on the tty specified with console= switch on the kernel command line and on ttys from the /sys/class/tty/console/active.
This module has no effect on non-root users and requires that the application fills in the PAM_TTY item correctly.
For canonical usage, should be listed as a required authentication method before any sufficient authentication methods.
OPTIONS
debug
Print debug information.
noconsole
Do not automatically allow root logins on the kernel console device, as specified on the kernel command line or by the sys file, if it
is not also specified in the /etc/securetty file.
MODULE TYPES PROVIDED
Only the auth module type is provided.
RETURN VALUES
PAM_SUCCESS
The user is allowed to continue authentication. Either the user is not root, or the root user is trying to log in on an acceptable
device.
PAM_AUTH_ERR
Authentication is rejected. Either root is attempting to log in via an unacceptable device, or the /etc/securetty file is world
writable or not a normal file.
PAM_INCOMPLETE
An application error occurred. pam_securetty was not able to get information it required from the application that called it.
PAM_SERVICE_ERR
An error occurred while the module was determining the user's name or tty, or the module could not open /etc/securetty.
PAM_USER_UNKNOWN
The module could not find the user name in the /etc/passwd file to verify whether the user had a UID of 0. Therefore, the results of
running this module are ignored.
EXAMPLES
auth required pam_securetty.so
auth required pam_unix.so
SEE ALSO
securetty(5), pam.conf(5), pam.d(5), pam(7)
AUTHOR
pam_securetty was written by Elliot Lee <sopwith@cuc.edu>.
Linux-PAM Manual 09/19/2013 PAM_SECURETTY(8)