NOLOGIN(5) BSD File Formats Manual NOLOGIN(5)NAME
nologin -- disallow logins
DESCRIPTION
Programs such as login(1) disallow logins if the nologin file exists. The programs display the contents of nologin to the user if possible
and interrupt the login sequence. This makes it simple to temporarily prevent incoming logins systemwide.
To disable logins on a per-account basis, investigate nologin(8).
SECURITY
The nologin file is ignored for user root by default.
IMPLEMENTATION NOTES
The nologin feature is implemented through login.conf(5), which allows to change the pathname of the file and to extend the list of users
exempt from temporary login restriction.
PAM-aware programs can be selectively configured to respect nologin using the pam_nologin(8) module via pam.conf(5).
The nologin file will be removed at system boot if it resides in /var/run and cleanvar_enable is set to ``YES'' in rc.conf(5), which is
default. Therefore system reboot can effectively re-enable logins.
FILES
/var/run/nologin default location of nologin
SEE ALSO login(1), login.conf(5), pam.conf(5), rc.conf(5), nologin(8), pam_nologin(8), shutdown(8)BSD May 10, 2007 BSD
Check Out this Related Man Page
PAM_NOLOGIN(8) Linux-PAM Manual PAM_NOLOGIN(8)NAME
pam_nologin - Prevent non-root users from login
SYNOPSIS
pam_nologin.so [file=/path/nologin] [successok]
DESCRIPTION
pam_nologin is a PAM module that prevents users from logging into the system when /var/run/nologin or /etc/nologin exists. The contents of
the file are displayed to the user. The pam_nologin module has no effect on the root user's ability to log in.
OPTIONS
file=/path/nologin
Use this file instead the default /var/run/nologin or /etc/nologin.
successok
Return PAM_SUCCESS if no file exists, the default is PAM_IGNORE.
MODULE TYPES PROVIDED
The auth and acct module types are provided.
RETURN VALUES
PAM_AUTH_ERR
The user is not root and /etc/nologin exists, so the user is not permitted to log in.
PAM_BUF_ERR
Memory buffer error.
PAM_IGNORE
This is the default return value.
PAM_SUCCESS
Success: either the user is root or the nologin file does not exist.
PAM_USER_UNKNOWN
User not known to the underlying authentication module.
EXAMPLES
The suggested usage for /etc/pam.d/login is:
auth required pam_nologin.so
NOTES
In order to make this module effective, all login methods should be secured by it. It should be used as a required method listed before any
sufficient methods in order to get standard Unix nologin semantics. Note, the use of successok module argument causes the module to return
PAM_SUCCESS and as such would break such a configuration - failing sufficient modules would lead to a successful login because the nologin
module succeeded.
SEE ALSO nologin(5), pam.conf(5), pam.d(5), pam(7)AUTHOR
pam_nologin was written by Michael K. Johnson <johnsonm@redhat.com>.
Linux-PAM Manual 09/19/2013 PAM_NOLOGIN(8)
I am looking for an alternative. I am not wanting to try and run it using one of those fancy programs that can run windows programs. I am trying to cut the chord from MS so I am looking for good similar programs.
Any thoughts?
If there are none, then I guess I try to run it under Linux. ... (6 Replies)
Hi,
I notice in my Sun Solaris 8 sparc workstatin, I am able to login concurrently using a same user ID.
Is there a way to disallow this? That is, at anyone time, the user can have only 1 login session.
How can it be done?
Thanks (10 Replies)
is the nologin shell available in AIX 5.2? I am familiar with the nologin shell in linux and restricting shell access but still allowing ftp etc. Can this be done in AIX? I have not been able to locate any documentation. Thanks in advance (5 Replies)
Hello everyone
I have to limit the root logins on my aix box (aix 5.3)
I change the value on the /etc/security/user
default (login and rlogin) change to false
and add to root (rlogin and login = false)
I tried in different ways but I got the same.
Root still can login
I try algo... (6 Replies)
I want to apply patches in multiuser mode but stop logins of other users while I do it?
What is the best way to do this?
I will be connected to the system via a putty session over a serial cable from another system (console is messed up)...
Should I put in a dummy passwd and shadow file... (7 Replies)
Hi,
I am using Red Hat Enterprise Linux ES release 4 (Nahant Update 5). Here I have created one user with /sbin/nologin shll such that login is not possible only ftp is possible. But I want to do another thing that the user can not roam around after ftp.
I had tried one way.
in... (4 Replies)
Dear all,
cannot login to a HP unix server using root as well as other logins.
Even root also cannot enter. It seems that they have changed some permissions in /
Any way of recovering the system or getting logged in .
Thanks in advance
Rj (8 Replies)
Unable to login to solaris9 server using SSH mode for root as well as genreal logins. Please find the configuration file .
oss@HYDOHS02:ssh> cat sshd_config
#
# Copyright 2005 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
#pragma ident "@(#)sshd_config ... (6 Replies)
Hopefully my question makes sense, but I was wondering if the telnet service has anything to do with console logins or if they are completely unrelated. So for example, does the /etc/default/login file in UNIX have anything to do with Telnet? So if I want to verify that the root user can't login... (8 Replies)
Hi all,
how can I disable direct login to a Solaris system not only for root user but also for other accounts?
Looking in google I came to the following:
For telnet (/etc/default/login):
disable root access> CONSOLE=/dev/console
disable generic user> ?
For ssh... (5 Replies)
Hi team,
I tried to modify the /etc/security/limits.conf file to limit the root user for more one login. I added the line in limits.conf file like:
@root hard maxlogins 1
I also tried to modify /etc/ssh/sshd_config to limit the root userlogin by adding this:
... (10 Replies)
Ok got a strange one here. None of my user accounts are able to login into the system. When trying to ssh to the server i get the following.
Could not chdir to home directory /home/<homedir>: Permission denied
/bin/sh: Permission denied
I checked the permissions on the home directory and even... (7 Replies)
Hi
Part of our security audit we found that following system account's had shells configured;
sync
halt
shutdown
I believe this can be achieved by following commands:
chsh -s /sbin/nologin (user)
usermod -s /sbin/nologin (user)
However, I would like simple script to... (5 Replies)