final summary:nologin-exception

From: Dr. Martin Körfer (koerfer@mpch-mainz.mpg.de)
Date: Mon Dec 13 2004 - 09:12:16 EST

• Next message: Alan Douglas: "root filesystem - lost space"
• Previous message: Martin Koerfer: "summary:nologin-exception"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Very simple solution,

as I run the webmail-service on a 2 node cluster using the Apache-Webserver (on
secure port 443), I needed to define thr SSL Virtual Host Context in the
httpd.conf.
Here I determined as Servername the name of the "cluster-alias".
Now creating /etc/nologin_$host1 and ..._$host2, users are not able to login
through ssh or telnet (even when using the "cluster-alias" the hostname of the
login-host1 or ..2 is determined !)
The https uses the "cluster-alias", wherefor login is not permitted !!

Fine

Martin

Only one usefull answer from Piotr Grzybowski:
------------------------------------------------------------------
maybe try play with /etc/nologin_${hostname} and try to explain
to the imap servers and http deamon that they should use
a different hostname than that in ${hostname}.
----------------------------------------------------------------------

A good hint, thus:
May be I can create an if-statement in the "/sbin/enlogin"-script that login
through "httpd" causes to use another hostname.
The only difficulty is to determine a matching criterium, as their are always
several httpd's running.

Open for ideas, I will report,

Martin

On Thu, 9 Dec 2004, Martin Koerfer wrote:

> Date: Thu, 09 Dec 2004 13:09:01 +0100
> From: Martin Koerfer <koerfer@mpch-mainz.mpg.de>
> To: tru64-unix-managers@ornl.gov
> Followup-To: poster
> Subject: nologin-exception
>
> Hi managers,
>
> we run Tru64 V5.1a(PK6), basic security, on an AS that is configuered with
> /etc/nologin, in order to prevent "user-access".
> Now we want to grant access only to "users" that want to access the
imap-service
> for checking their mail with an "webmail"-application.
> Do you know a way to grant access for users that use a special service only by
> keeping the general "nologin"-conditions ??
>
> Any help would be appreciated
>
> Thanks in advance
>
> Martin Körfer
>

-------------------------------------------------
This mail sent through IMP: www1.mpch-mainz.mpg.de

-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/

• Next message: Alan Douglas: "root filesystem - lost space"
• Previous message: Martin Koerfer: "summary:nologin-exception"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:50:12 EDT