Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: How to Restrict a user, not a root, Login to the Console?
From: Casper Dik (casperholland.sun.com)
Date: Mon Aug 09 2004 - 08:02:17 CDT
>I need a restrict user (oracle for exemple) login to the console. With a superuser root, edit the
/etc/default/login file, but with a user????
>I want that any users who try to remotely log in to this system must first log in with their perso
nal user login, and then use the su command to become a application user.
>I'm working on Solaris 8, and don't want implementation a RBAC solution.
RBAC allows you to convert accounts into roles:
# This uses a bug in Solaris 8/9 rolemod; the syntax in S10 is:
# usermod -K type=role roleuser
rolemod -A '' roleuser
# Then give the users who need to su to roleusr, roleuser as a role:
usermod -R roleuser user1
They still need to share the password.