How to enable "root" login for other tty in Solaris 2.2 ?

How to enable "root" login for other tty in Solaris 2.2 ?

Post by Ming Yau » Wed, 09 Jun 1993 10:02:06



The title says it all.  I know in SunOS 4.x, I just nned to modify the secure
flag in /etc/ttytab for enable/disable a certain tty from logging in as root,
but I can't find out how to do it in SunOS 5.2.  Help !

Thanks in advance.

--
==============================================================================

                                        AOL: Ming So
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

 
 
 

How to enable "root" login for other tty in Solaris 2.2 ?

Post by James Litchfield - NW Area Solaris 2.0 Transition Bo » Thu, 10 Jun 1993 10:41:54


Root login access is controlled by a file called /etc/default/login. This file is
read by login before it runs and various variables are pulled from it.
One of these is "CONSOLE=". If it has a value, then that is the *only* device
root logins are accepted on. The default value the system is shipped with is
CONSOLE=/dev/console. Note that this is for *any* login whose uid is 0 - not
just logins called 'root'. There is no provision for multiple console devices.

Other values that login will read:

ALTSHELL=
        If set to YES will place SHELL="value from passwd entry for shell" in the
        environment - assuming the entry is non-null. If the entry is null,
        login will use /sbin/sh or /usr/bin/sh (if /sbin/sh is not executable)
        and not place the SHELL= environment variable. Default value in
        login default value is YES.
PASSREQ=
        Indicates if all users must have a password. Default is YES (based on value
        in login default file). If no entry in login default file, passwords are
        not required.
TIMEZONE=
        Value used for timezone *if* the file /etc/TIMEZONE does not have a value.
        If that file exists and has a value, the value in the login default file
        is not used. If neither have values, the file /usr/lib/locale/TZ/localtime
        is used. Default value is none.
HZ=
        Value of the HZ environment variable. Default is 100 (for desktop systems) -
        set in login default file.
PATH=
        If login uid is not 0, the default path provided. Default: /usr/bin
SUPATH=
        If login uid is 0, the default path provided. Default:
                /sbin:/usr/sbin:/usr/bin:/etc
ULIMIT=
        Ulimit applied to all logins. Default is 0 (unlimited).
TIMEOUT=
        Number of seconds before login gives up waiting for input. Default is 60.
        Maximum is 900 (15 minutes).
UMASK=
        Default value is 022 which will be applied if a faulty umask is provided
        or none is specified.
IDLEWEEKS=
        Number of weeks password can be expired before logins are denied.
        Default is no value (i.e., not checked). If set to zero, all expired
        passwords (no matter how long expired) will require root intervention
        to restore access.

Changes to this file will be seen the next time a login is attempted. Access should
be restricted to root (for writing). The security paranoid could make a case for
blocking read access to others also.

Additional note: if the file /var/adm/loginlog is present, failed login attempts
        will be logged in that file after the fifth consecutive failure.

 
 
 

How to enable "root" login for other tty in Solaris 2.2 ?

Post by Dave Miner - ...sometimes you're the b » Thu, 10 Jun 1993 22:45:15



...

Quote:>TIMEZONE=
>    Value used for timezone *if* the file /etc/TIMEZONE does not have a value.
>    If that file exists and has a value, the value in the login default file
>    is not used. If neither have values, the file /usr/lib/locale/TZ/localtime
>    is used. Default value is none.

One minor correction, as this used to trip up people all the time, and still might.  The rules and implementation changed slightly in Solaris 2.2.  Excerpting from the comments in login.c:

         * There is a priority set up here.  If /etc/default/init has*
         * a value for TZ, that value remains top priority.  If the  *
         * file /etc/default/login has TIMEZONE set, that has second *
         * highest priority not overriding the value of TZ in        *
         * /etc/default/init.                                        *
         *                                                           *
         * (/etc/TIMEZONE file is linked to /etc/default/init file.) *

I believe the /usr/lib/locale/TZ/localtime file no longer exists, so if TZ isn't set in the environment, you get GMT/UTC.

Dave

---
---------------------------------------------------------------------------

SunSelect, PC Networking Engineering                (508) 442-0463
---------------------------------------------------------------------------

 
 
 

How to enable "root" login for other tty in Solaris 2.2 ?

Post by Casper H.S. D » Thu, 10 Jun 1993 23:49:51



Quote:>One minor correction, as this used to trip up people all the time, and still might.  The rules and implementation changed slightly in Solaris 2.2.  Excerpting from the comments in login.c:
>     * There is a priority set up here.  If /etc/default/init has*
>     * a value for TZ, that value remains top priority.  If the  *
>     * file /etc/default/login has TIMEZONE set, that has second *
>     * highest priority not overriding the value of TZ in        *
>     * /etc/default/init.                                        *
>     *                                                           *
>     * (/etc/TIMEZONE file is linked to /etc/default/init file.) *
>I believe the /usr/lib/locale/TZ/localtime file no longer exists, so if TZ isn't set in the environment, you get GMT/UTC.

Not entirely true. In Solaris 2.1 you get localtime which probably is
GMT, unless your administrator has run zic -l.

The pathname is /usr/share/lib/zoneinfo/localtime, not
/usr/lib/locale/TZ/localtime.

In Solaris 2.2, if TZ isn't set, the library code opens /etc/default/init.

(I tested this with truss -t open on a Solaris 2.1 date binary, running on
Solaris 2.1).

Casper

 
 
 

How to enable "root" login for other tty in Solaris 2.2 ?

Post by Torben Noerup Niels » Fri, 11 Jun 1993 02:03:16


That reminds me..... Does anyone know how to prevent getting the normal  
login banner on the console? I'm running xdm and it's nnoying to have the  
screen wiped out by the line:

hostname login:

What's the best way to disable it?

Also, where might there be documentation on the defaults on /etc/defaults?

Thanks, Torben

 
 
 

How to enable "root" login for other tty in Solaris 2.2 ?

Post by Gantt Edmist » Fri, 11 Jun 1993 07:31:03



Quote:>The title says it all.  I know in SunOS 4.x, I just nned to modify the secure
>flag in /etc/ttytab for enable/disable a certain tty from logging in as root,
>but I can't find out how to do it in SunOS 5.2.  Help !

>Thanks in advance.

What you do is edit your /etc/default/login file.  Here is a copy of mine:


#TIMEZONE=EST5EDT
HZ=100
#ULIMIT=4096
#CONSOLE=/dev/console
#PASSREQ=YES
ALTSHELL=YES

I know this works because it did for me.  What I *don't* know is the
exact meaning for each field.  If someone know that, let us all in on
the secret!

--
-----------------------------------------------------------------------------
Gantt Edmiston - SysAdmin     o | "Oui, j'ai eprouve de l'herbe aux chats,
SAS Institute Inc.          <(  |  mais je ne m'ai jamais en rouler!"--Socks
Quality Assurance - R3313    [\.+--------------------------------------------

-----------------------------------------------------------------------------

 
 
 

1. User "tty" in group "tty"

In the distributed /etc/group file there's the line

tty::7:root,tty,adm

but there isn't an entry in /etc/passwd for a user called tty.

Is this an oversight, or does this phantom username have a purpose?

--

    Cliff Hathaway
    Dept. of Computer Science (602)621-4291

    Tucson, Ariz. 85721       {cmcl2,noao,uunet}!arizona!cliff  (uucp)

2. UP1000 + Matrox G450

3. SUMMARY: "find" in root crontab hangs Solaris 2.2

4. Installing Linux on Virtual PC

5. GETSERVBYNAME()????????????????????"""""""""""""

6. Cannot shutdown or reboot

7. "find" in root crontab hangs Solaris 2.2

8. Help needed with Mach-8 card.

9. "Login" and "su" issue with root password

10. """"""""My SoundBlast 16 pnp isn't up yet""""""""""""

11. How to "rcp"/"rsh" as "root"?

12. how 2 change this "hostname login:" to simple "login:"

13. "Standard Journaled File System" vs "Large File Enabled Journaled File System"