Got questions? Go ahead: Ask me anything!
How can I prevent logins? I need a way to disable logins from the root user account without being at the server console itself.
Many modern Unix/Linux systems respect the /etc/nologin file. Simply login as root and do "touch /etc/nologin". This restricts logins to root only. When you want to allow users again, "rm /etc/nologin".
Many systems also allow you to add text to /etc/nologin. When users attempt to login, they see that text.
$ ssh email@example.com Logins currently not allowed. Check back in an hour or so, thanks.
Older systems like SCO Unix don't have that. For these systems, you need to add code to /etc/profile. For example, you could add this:
IAM=`who am i | cut -d" " -f1` [ -f /etc/nologin ] && [ $IAM ] && [ $IAM != "root" ] && exit 0
The danger here is that you mistype that code - you could easily lock yourself out forever. I recommend not exiting the editor until you have tested thoroughly.
But what about users already logged in? That code doesn't affect them at all.
That can be trickier. You can write scripts to loop through logged in users and kill them off. A more drastic but easy solution is to "touch /etc/login" and then do a shutdown and reboot.
Got something to add? Send me email.
(OLDER) <- More Stuff -> (NEWER) (NEWEST)
Printer Friendly Version
Increase ad revenue 50-250% with Ezoic
Inexpensive and informative Apple related e-books:
Take Control of the Mac Command Line with Terminal, Second Edition
Take Control of iCloud, Fifth Edition
Sierra: A Take Control Crash Course
Take Control of Upgrading to Yosemite
iOS 8: A Take Control Crash Course