One of the issues for system administrators is
how to keep nonsuperusers from logging in to a system while system
configuration or system maintenance is underway. This can be accomplished
with the combination of the /etc/nologin file
and the NOLOGIN variable in the /etc/default/security file.
If /etc/nologin exists and NOLOGIN=1, nonsuperusers are barred from logging in. What
they will see is a system-generated message (Only...security) followed by the contents of /etc/nologin.
For example:
Only superusers are allowed to login at this time due to the presence
of the file /etc/nologin and NOLOGIN option set in /etc/default/security
-=+ SYSTEM MAINTENANCE +=-
This system (hprdc185) is undergoing system maintenance. We expect to
return to full service on Thursday morning at 9 a.m. Pacific Time.
Thank you. |
Procedure 2-2 To set up the login barricade
Create
or edit the file /etc/nologin. It can be empty,
but users might appreciate some information on why the system is unavailable.
Edit
the file /etc/default/security and set the NOLOGIN line to NOLOGIN=1.
Procedure 2-3 To restore normal system access
You can also use the ch_rc command
to modify the NOLOGIN variable (see ch_rc(1M)).
# /usr/sbin/ch_rc -a -p NOLOGIN=1 /etc/default/security
# /usr/sbin/ch_rc -a -p NOLOGIN=0 /etc/default/security |
Printable version
