Root login at console
Ted Mittelstaedt
tedm at toybox.placo.com
Sat Nov 13 07:18:44 GMT 2004
> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org
> [mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Doug Hardie
> Sent: Friday, November 12, 2004 10:52 PM
> To: f-questions List
> Subject: Root login at console
>
>
> I am setting up some 5.3 systems and have encountered a situation I
> can't figure out. I have had the following (and only) active line in
> 4.6 systems /etc/login.allow:
>
> -:ALL EXCEPT user1 user2 user3: ALL
>
> That only permitted logins from those 3 users and not root. The users
> had to su to get to root - even on the console. However that same line
> in 5.3 doesn't let anyone su to root (terminal or console). I have to
> add root to the list:
>
> -:ALL EXCEPT root user1 user2 user3: ALL
>
> Then the users can su to root. However root can login on the console
> directly which I don't want. I have tried a few diferent approaches to
> make this work but none have succeeded. What am I missing? Thanks.
>
I don't think that the /etc/login.allow should have blocked root login at
the console. If it did in 4.x that is a bug and 5.3 corrected it.
If you want to block root login at the console then edit /etc/ttys and
change the keyword from "secure" to "insecure" for the console.
Ted
More information about the freebsd-questions
mailing list