The following is some additional information which I received:
I will be using idled which seems to be the best.
Mark_Neill
Create a map with the userID's and hostnames that htey are
allowed to
log
into...for example:
# ypcat -k authmap
user1 :host1:host2:host3:
user2 :host1:
user3 :host2:host3:
For each box you want to limit access to, touch
/etc/.sys-access
In /etc/profile on each box, add the following scripting:
# Sys-Access
###################################################
if ( [ ! -f /etc/.sys-access ] ) then
echo "Validating access to this system"
grep "^${LOGNAME}:" /etc/passwd > /dev/null 2>&1
if ( [ ${?} = 0 ] ) then
echo "Resident login"
else
SYSNAME=`uname -n`
ypmatch ${LOGNAME} auto.sys-access 2>/dev/null
| grep
":${SYSNAME
}:" > /dev/null 2>&1
if ( [ ${?} != 0 ] ) then
echo "${LOGNAME} does not have access
to this system."
exit 1
fi
fi
fi
Also Singh Adrian mentioned:
edit the users .profile (or .login if your that way inclined)
put something like this in:
if [`who -m|sed 's/ .*//'` = oracle ]
then
echo get lost: you can only su to this account
exit 1
fi
you must of course make the .profile owned by root and not
allow
writes to oracle
________________________________________________
Get your own "800" number - Free
Free voicemail, fax, email, and a lot more
http://www.ureach.com/reg/tag
S
U BEFORE POSTING please READ the FAQ located at
N ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/faq
. and the list POLICY statement located at
M ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/policy
A To submit questions/summaries to this list send your email message to:
N sun-managers@sunmanagers.ececs.uc.edu
A To unsubscribe from this list please send an email message to:
G majordomo@sunmanagers.ececs.uc.edu
E and in the BODY type:
R unsubscribe sun-managers
S Or
. unsubscribe sun-managers original@subscription.address
L To view an archive of this list please visit:
I http://www.latech.edu/sunman.html
S
T
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:14:18 CDT