Re: [SLUG] Limiting terminal access to root

From: ronan (
Date: Wed Mar 12 2008 - 05:13:44 EST

Rich Morgan wrote:
> Hey guys and gals, an interesting forum question was posted by a friend
> of mine and I'd like to get your take on it: How do you limit access to
> the command line to just root? That is to say, not allow a user account
> to access a terminal at all.
You could probably create a FAKE_SHELL script and put it into
/etc/login.defs That script can check: if $USER != 'root' and the
output of 'tty' is '/dev/tty?' (wildcard), then 'exit', else 'bash'. A
non-console login will have '/dev/pts/#' instead of '/dev/tty#', so
those will still be allowed.

Instead of the FAKE_SHELL route, you might be able to put your check
into /etc/bash_profile (as long all users have bash as their shell, as
long as the user is not able to prevent their bash from executing that

This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 15:21:13 EDT