|Previous||Table of Contents||Next|
The following example shows the output of the logins command, which is used with no arguments:
castle% su Password: # logins root 0 other 1 Super-User smtp 0 root 0 Mail Daemon User daemon 1 other 1 bin 2 bin 2 sys 3 sys 3 adm 4 adm 4 Admin uucp 5 uucp 5 uucp Admin nuucp 9 nuucp 9 uucp Admin listen 37 adm 4 Network Admin lp 71 lp 8 Line Printer Admin winsor 1001 staff 10 ray 1002 staff 10 des 1003 staff 10 rob 1004 staff 10 nobody 60001 nobody 60001 Nobody noaccess 60002 noaccess 60002 No Access User nobody4 65534 nogroup 65534 SunOS 4.x Nobody #
The following example displays an extended set of login status information for user winsor.
# logins -x -l winsor winsor 1001 staff 10 /export/home/winsor /bin/csh PS 000000 -1 -1 -1 #
The following example shows a list of user accounts with no password.
# logins -p ray 1002 staff 10 des 1003 staff 10 rob 1004 staff 10 #
The following example shows extended login status for all user accounts on a standalone system.
#logins -xu winsor 1001 staff 10 /export/home/winsor /bin/csh PS 000000 -1 -1 -1 ray 1002 staff 10 /export/home/ray /bin/csh NP 000000 -1 -1 -1 des 1003 staff 10 /export/home/des /bin/csh NP 000000 -1 -1 -1 rob 1004 staff 10 /export/home/rob /bin/csh NP 000000 -1 -1 -1 nobody 60001 nobody 60001 Nobody / /sbin/sh LK 082587 -1 -1 -1 noaccess 60002 noaccess 60002 No Access User / /sbin/sh LK 082587 -1 -1 -1 nobody4 65534 nogroup 65534 SunOS 4.x Nobody / /sbin/sh LK 082587 -1 -1 -1 #
You can temporarily disable logins to prevent new login sessions in one of two ways:
When a system will not be available for an extended time, you can create an /etc/nologin file to prevent users from logging in to the system. When a user logs in to a system that has an /etc/nologin file, the message in the /etc/nologin file is displayed and the user login is terminated. Superuser logins are not affected by the /etc/nologin file.
Use the following steps to create an /etc/nologin file:
The following example shows the text of a nologin file:
#cat /etc/nologin No Logins Are Currently Permitted The system will be unavailable until 12 noon on Friday, October 24. #
If it is important for you to track whether users are trying to log in to your user accounts, you can create a /var/adm/loginlog file with read and write permissions for root only. After you create the loginlog file, all failed login activity is written to this file automatically after five failed attempts. The five-try limit avoids recording failed attempts that are the result of typographical errors.
The loginlog file contains one entry for each failed attempt. Each entry contains the user's login name, tty device, and time of the attempt.
NOTE: The loginlog file may grow quickly. To use the information in this file and prevent it from getting too large, check and clear its contents regularly. If this file shows a lot of activity, it may suggest that someone is trying to break into the computer system. If you regularly track information from the loginlog file, consider creating a cron entry to track and clear out the loginlog file.
Use the following steps to create a loginlog file:
A network server can control which files are available for sharing. It can also control which clients have access to the files and what type of access is permitted to those clients. In general, the file server can grant read/write or read-only access either to all clients or to specific clients. Access control is specified when resources are made available by using the share command.
A server can use the /etc/dfs/dfstab file to list the file systems it makes available to clients on the network. See the Solaris System Administrator's Guide for more information about sharing files (see bibliography at the end of this book).
|Previous||Table of Contents||Next|