Hello Managers, I am pasting the summary for the problem below. The problem was: I want to configure a LOGIN ID in such a way that the account should be locked and also ordinary users should be able to do "su" into that account and get a shell to work.Is there any possibility of doing this? SUMMARY: 1. One way is to make the home dir of the user (i.e. testuser) non-writable to the owner and then place a .profile in there that does a "trap "" 2; exit". Anyone doing a direct login will run the .profile and exit out. This won't stop "r" commands unless you shut them off. 3. Since you're running Solaris 8, you can use RBAC (Role Based Access Control) to do this. Create testuser as a role and assign that role to the users you want to be able to access it. The OE documentation will give you the details on how to do this. you can make testuser a role with solaris 8 or 9's /etc/user_attr table. add this to /etc/user_attr: testuser::::type=role;auths=solaris.*,solaris.grant;profiles=All usertousesu::::type=normal;auths=solaris.system.dat;roles=testuser;profile s=All Only these users can su to testuser Regards Sridhara _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Thu Mar 4 20:30:23 2004
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:29 EST