I am using CentOS 5.7. I have an /etc/security/access.conf file which has the following: + : root : LOCAL + : @mynetgroup : ALL - : ALL : ALL I thought this is supposed to restrict access to the system to only root and the accounts in the mynetgroup netgroup; however, anyone NIS account is still able to login. It appears that the access.conf is being ignored completely, so I'm thinking there's something I'm missing. How can I restrict access to a system based on NIS netgroups? Thanks! --- Mike VanHorn Senior Computer Systems Administrator College of Engineering and Computer Science Wright State University 265 Russ Engineering Center 937-775-5157 michael.vanhorn at wright.edu http://www.engineering.wright.edu/~mvanhorn/
On Tue, Nov 08, 2011 at 03:41:22PM -0500, Mike VanHorn wrote:> How can I restrict access to a system based on NIS netgroups?Change nsswitch.conf so that it reads passwd: compat passwd_compat: nis And then in /etc/passwd + at netgroup1:::::: + at netgroup2:::::: That way only users in the given netgroup(s) have visible accounts on the machine. -- rgds Stephen