Thanks to all who took time to respond,
Solutions that I did not choose:
Jafar Shameem <email@example.com> and
Jim Harmon <firstname.lastname@example.org> wrote:
use screenlock, xlock while using your account ;-)
"Mark A. Baldwin" <email@example.com> wrote:
Look into a freeware product called logdaemon. You will need TCP Wrappers
in order to build it, but it will give the kind of access control you
are looking for.
Solution that I chose:
Charlie Mengler <firstname.lastname@example.org> and
Rich Kulawiec <email@example.com> wrote:
In the system-wide /etc/profile file or its equivalent
add code to check for the device associated with the user who is logging in.
If the device is console & user is NOT root, then exit (logout!)
> I run a Solaris 2.5 box and have a few users who have access to the
> console. I'd like to make their accounts inaccessible from console,
> so that console would be left just for emergencies.
> What's the best way to accomplish that.
Charlie Mengler <firstname.lastname@example.org> asks why:
But I have to ask, what harm is there from having a regular user using
the console? A user is NOT given any special privs, just because he's
using the console. I really don't understand why you care about this.
Because I run a news server, a web server, a ppp server, a ftp server, etc.
on this box, not to mention the users who rely on it just to log on and get
to the internet. I cannot afford a system crash every time a user decides to
run pine on Open Windows or tries to do a "STOP A" when he/she manages to
freeze the screen, thereby crashing the whole server. IMHO a console is the
tool of the last resort, when everything else fails; it shouldn't be used for
any other purpose.
_/ _/_/_/ _/ ___________ __o
_/ _/ _/ _/ ______________ -\<,
_/ _/ _/_/_/ _/ _/ ......O/ O
_/_/ oe _/ _/. _/_/ ah email@example.com
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:43 CDT