06-29-2002
I'm pretty sure that "su - Y" will fail because you would get the same shell and not be able to do anything. But "su Y" is another matter, that will work and there is no easy way to change that.
On SunOS, su does use a facility called pam and it is probably possible to configure pam to do this. I have never used pam, and as I survey the man pages, I tend to think that this approach would be too difficult for you.
One thing that I have seen done is to restrict who can run su at all. This means that user X could not su to user Y. But the price is that user X can no longer use su at all.
To do this:
create a new group called wheel
chgrp wheel /usr/bin/su
chmod 4750 /usr/bin/su
Now anyone who needs to use the su program must be added to the group called wheel.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I have a basic query. I use telnet and ftp very frequently. I want to do it without spending time in typing username and password everytime. I know that if I have .netrc file which contains server address, username, pasword, then just typing ftp will conect to that server with that username and... (10 Replies)
Discussion started by: asutoshch
10 Replies
2. IP Networking
Dumb question I'm sure but how on earth do I transfer files from a sco unix machine to my windows 2000 machine. I'm typing commands on my Win2000 machine. All I can seem to do is move files around on the unix system? (8 Replies)
Discussion started by: Timbash
8 Replies
3. UNIX for Dummies Questions & Answers
Hi quick question from a unix newbie
Working on a project to get me using unix, the point of this project is to find a printer on the network check for jobs in the printer if the printer has no jobs do nothing if the printer has jobs then check the status for errors and e-mail the user. This... (2 Replies)
Discussion started by: w33man
2 Replies
4. Linux
hi ,
i have jsut installed linux 9.0 , but i can not ftp or telnet to the system .
i have installed the ftp and the telnet server during installation .
i have also configured the files to enable the ftp and telnet , the ftp and the telnet daemons are running , but when i do ftp :
ftp... (1 Reply)
Discussion started by: ppass
1 Replies
5. Shell Programming and Scripting
Hi,
I want to automate FTP. I have a fair idea that this can be done using expect scripting. But I dont how to do it. Please, can anyone give me an example of how to do it in Unix.
Thanks in advance (2 Replies)
Discussion started by: sendhilmani123
2 Replies
6. UNIX for Dummies Questions & Answers
Well I have the programs and everything and the program itself seems to work, but they don't seem to be operateble. I ALWAYS get connection refused on everything. ftp, telnet, rlogin, ssh etc. So it must have something to do with some setting that doesn't allow connections to external hosts or... (6 Replies)
Discussion started by: riwa
6 Replies
7. UNIX for Advanced & Expert Users
Hi All,
I need to stop all the services for telnet & FTP as we want our
server to be more secure.
Please give me some steps for jumping to SSH protocol.
How can i disable telnet & ftp service on my server. (1 Reply)
Discussion started by: pradeep_desh
1 Replies
8. Shell Programming and Scripting
hi everyone
i'm running script in c-shell and i want this script to connect to admin account in order to run other script in k-shell. after that i want the script to be severed from the admin account and to continue with the regular commands
example:
my script call cs-customers
echo"starting... (16 Replies)
Discussion started by: naamas03
16 Replies
9. Solaris
I have a sunfire V240 but nobody seems to know the root password. I can get into ALOM but not console mode. Is there a hack or something that cn get me back into this system lo reload it? (5 Replies)
Discussion started by: dewsdwarfs
5 Replies
10. UNIX for Dummies Questions & Answers
Aix6.1
last | grep ftp shows me only 3 days.
last does not show me telnet login or the same as ftp.
i'd like to get the last 90 days of users who telnet or ftp to the box.
thanks in advance. (3 Replies)
Discussion started by: lawsongeek
3 Replies
LEARN ABOUT ULTRIX
telnetd
telnetd(8c) telnetd(8c)
Name
telnetd - DARPA TELNET protocol server
Syntax
/etc/telnetd
Description
The server supports the DARPA standard TELNET virtual terminal protocol. The TELNET server is invoked when receives a connection request
on the port indicated in the TELNET service description.
The server operates by allocating a pseudo-terminal device for a client, then creating a login process which has the slave side of the
pseudo-terminal as stdin, stdout, and stderr. The server manipulates the master side of the pseudo terminal, implementing the TELNET pro-
tocol and passing characters between the client and login process.
When a TELNET session is started up, sends a TELNET option to the client side indicating a willingness to do remote echo of characters, to
suppress go ahead, and to receive terminal type information from the remote client. If the remote client is willing, the remote terminal
type is propagated in the environment of the created login process. The pseudo terminal allocated to the client is configured to operate
in cooked mode and with XTABS and CRMOD enabled.
Aside from this initial setup, the only mode changes will carry out are those required for echoing characters at the client side of the
connection.
The server supports binary mode, suppress go ahead, echo, and timing mark. It also allows a remote client to do binary, terminal type, and
suppress go ahead.
Restrictions
Some TELNET commands are only partially implemented.
The TELNET protocol allows the exchange of the number of lines and columns on the user's terminal, but does not make use of them.
The terminal type name received from the remote client is converted to lower case.
The server never sends TELNET go ahead commands.
See Also
telnet(1c), pty(4), tty(4), services(5), inetd(8c)
telnetd(8c)