Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
My goal is to limit the root user to one login on the system.
I appended a line to /etc/security/limits.conf file
Code:
root - maxlogins 1
After a reboot, I am still able to have multiple simultanious root users logged in on different TTYs (no ssh). I tried changing the code to
Code:
root soft maxlogins 1
with no luck AND
Code:
root hard maxlogins 1
still with no luck.
What is going on? Why am I still able to have simultanious root logins on my machine?
PS, No other additional configurations are in the file.
PPS, I decided to add a new line to prevent the only non-root user from multiple logins the same way and it works. It would appear this rule is not being applied to root for some reason. Please give me some insight.
Last edited by jakep219; 04-29-2015 at 08:36 AM.
Reason: could this be a rootkit or some other form of **ckery?
uid=0 of course meaning the root user (or any bogus other users idiots create with the same uid 0 thinking it somehow protects them from just giving out the root password).
You might want to investigate use of /etc/securetty (man securetty to see details) as a more reasonable way of controlling root access by device rather than by number of logins.
If you restrict root login to the console and setup sudo to allow only certain admins to do "sudo su -" to become root you might more effectively both control who becomes root and log who does.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.