Locking out non-root users while the system is in maintenance
To disable all user logins (except for root) without taking down the system into maintenance mode create a file in the location /etc/nologin.
The content of this file will be displayed when a user tries to log in. Useful when doing service on the system which might affect users. Steps to do: 1.Go to terminal login as sudo user inorder to create file in /etc. lostwarrior@leo:~$ --usermode lostwarrior@leo:~$ sudo -s [sudo] password for lostwarrior: root@leo:~# 2.Once u login as root in terminal type cd /etc 3.type touch nologin Now the user cant able to enter into the machine.If he enters the username then the content from nologin file will get displayed 4.NoteBefore doing this try to have the root password.Otherwise u cant enter into the root access. 5.For creating root password.1.Go to terminal login as sudo user warrior@leo:~$ --usermode lostwarrior@leo:~$ sudo -s [sudo] password for lostwarrior: root@leo:~# 6.now type passwd root (herepasswd is the command and root is the user) 7.enter the new password for root. root@leo:/etc# passwd root Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully root@leo:/etc# Note:This has been tested under ubuntu 7.10 |
If the file /etc/nologin exists, login will allow access only to root. Other users will be shown the contents of this file and their logins will be refused.
Quote:
~$ --usermode bash: --usermode: command not found I think you left something out... Quote:
Hey! I'm locked out! Quote:
How about just start with: 0. enable root login. 1. sudo nano /etc/nologin Add text: My Apologies; This system has been locked for maintenance. Anormal service will resume at 2300 hours. --The MGT :) Now you have a two-step howto, instead of 7. BTW: Put "HOWTO" in the title next time. |
nthillaiarasu,
Good job. I learned something new today. :study: Simon. Thanks for the cleanup/clarification. |
I decided to play with this a *very little*. I created /etc/nologin with some gibberish in Ubuntu. Guess what? I was still able to log in with my user account. Maybe this is due the fact that you can't directly log into Ubuntu as root, or maybe it's because I'm logging in via GUI. So, it's not a 100% case.
|
That's because /etc/nologin works only when login(1) is involved.
|
Isn't it just a lot easier to move to runlevel 1? You know telinit 1, do your maintenance work, then telinit 3 (or whatever your normal runlevel is).
|
All times are GMT -5. The time now is 10:14 PM. |