One of the issues for system administrators is how to keep nonsuperusers from logging in to a system while system configuration or system maintenance is underway. This can be accomplished with the combination of the /etc/nologin file and the NOLOGIN variable in the /etc/default/security file.
If /etc/nologin exists and NOLOGIN=1, nonsuperusers are barred from logging in. What they will see is a system-generated message (Only...security) followed by the contents of /etc/nologin. For example
| Only superusers are allowed to login at this time due to the presence of the file /etc/nologin and NOLOGIN option set in /etc/default/security -=+ SYSTEM MAINTENANCE +=- This system (hprdc185) is undergoing system maintenance. We expect to return to full service on Thursday morning at 9 a.m. Pacific Time. Thank you. |
|
|
2-1 To set up the login barricade
- Create or edit the file /etc/nologin. It can be empty, but users might appreciate some information on why the system is unavailable.
- Edit the file /etc/default/security and set the NOLOGIN line to NOLOGIN=1.
2-2 To restore normal system access
You can also use the ch_rc command to modify the NOLOGIN variable
| # /usr/sbin/ch_rc -a -p NOLOGIN=1 /etc/default/security # /usr/sbin/ch_rc -a -p NOLOGIN=0 /etc/default/security |
No comments:
Post a Comment