Path: utzoo!attcan!uunet!seismo!sundc!pitstop!sun!decwrl!ucbvax!husc6!rice!sun-spots-request
From: mlandau@bbn.com (Matt Landau)
Newsgroups: comp.sys.sun
Subject: Re: Asking for root passwd when booting single user
Message-ID: <2353@kalliope.rice.edu>
Date: 16 Dec 88 17:34:11 GMT
Sender: usenet@rice.edu
Organization: Sun-Spots
Lines: 52
Approved: Sun-Spots@rice.edu
Original-Date: 9 Dec 88 05:58:32 GMT
X-Sun-Spots-Digest: Volume 7, Issue 61, message 1 of 12

For what it's worth, here's what we use as root's /.profile on some of our
SunOS 3.X systems, to keep random people from being able to boot single
user.

	/Matt

--- CUT HERE ---

trap "" 1 2
# Now that that's out of the way...

# This is the .profile for root.  It will require the root password before
#   you get a shell running singleuser.

# This expects that you have an entry for "nobody" in your /etc/passwd file.
#  It should look like:

#         nobody:*:-2:-2::/tmp:


PATH=/:/bin:/etc:/usr/ucb:/usr/bin; export PATH
if mount | grep -s /usr
then
    MULTIUSER=YES
else
    MULTIUSER=NO
fi

case $MULTIUSER in
    NO) # Singleuser: require a password if we haven't already
        cat /dev/null >.rootNG
	while [ -f .rootNG ]
	do
	    su nobody -c 'su root -c "rm .rootNG"'
	done
	;;
esac

trap 1 2  # We can put these back now

THISHOST=`hostname`
stty new erase \^h kill \^u intr \^c ff0 nl0 bs1 tabs decctlq ctlecho

PS1="${THISHOST}-> "    ; PS2='Continued -->> '         ; export PS1 PS2

case $MULTIUSER in
    YES)    TERM=unknown
            until [ "$TERM" != unknown ]
            do
                eval `tset -s \?vt100`
            done
esac