Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!cornell!biar!trebor From: trebor@biar.UUCP (Robert J Woodhead) Newsgroups: comp.unix.xenix Subject: Proper procedure for AUTOLOGIN in SCO Keywords: sco auto login init getty Message-ID: <190@biar.UUCP> Date: 7 Mar 89 02:18:29 GMT Organization: Biar Games, Inc. Lines: 70 Thanks to the many people who mailed me on how to set up an AUTO account. You got me pointed in the right direction, although there were a few twists and turns that nobody expected. Here is the procedure that works for me: ---------------------------------------------------------------------------- How to set up an AUTO login account in SCO Xenix in XX easy steps. 1) Select the port you want to use for AUTO login. I chose tty08, one of my multiscreens, for my testing. 2) Disable the port; execute "disable tty08" (everything done from root) 3) Examine /etc/ttys and note the entry for tty08. In my case it was "0mtty08". 4) Edit /etc/gettydefs and find the current entry for tty08. This is the entry that starts with the letter that was the second character in the /etc/ttys entry. In this case, it is "m", which in my file was m # B9600 HUPCL # B9600 CS8 SANE HUPCL TAB3 ECHOE IXANY # \r\n@ login: # m Make a copy of this entry, paste it in at the end of the file, and modify it as follows: change the two m's to the first unused entry, in my case, "p". Add "# AUTO /etc/login" to the end of the line. Most important, take all the entries in the third field and add them to the second field. If you don't do this, your login will come up in RAW mode, which is disconcerting to say the least. It seems that when you do an AUTO login, a stty with the arguments in the third field is not done, because getty is being bypassed. Thus my new entry looked like this: p # B9600 HUPCL CS8 SANE TAB3 ECHOE IXANY # B9600 CS8 SANE HUPCL TAB3 \ ECHOE IXANY # \r\n@ login: # p # AUTO /etc/login All on one line, of course. When you save this file, make sure that your editor doesn't muck up the permissions (mg did). 5) Use mkuser to create a new user named for the terminal; in my case the user was named "tty08". 6) Edit /etc/passwd and change the password field of "tty08" to null. Otherwise you will be asked for a password. Note that this opens up a security hole in your system as anyone who is in the know can now log into your system under this account. 7) enable the port with "enable tty08" and you should be up and running. If not, reboot your system (We did a lot of mucking around because of the raw mode problem, so it's unclear to us if you need to reboot and we are too lazy to go check). Thats all there is to it. I am however VERY disturbed about the security hole created by the AUTO process. It seems to me that if they have gone to the trouble to provide the AUTO escape, then there should be a way to restrict certain accounts to certain terminals. In this case I can just put some code in the .profile to check if tty returns '/dev/tty08' and log the user out if not (right?), but is there a better way to do this? And is the above approach secure? +---------------------------------------------------------------------------+ | Robert J Woodhead !uunet!cornell!biar!trebor CompuServe 72447,37 | | Biar Games, Inc., 10 Spruce Lane, Ithaca NY 14850 607-257-1708,3864(fax) | +---------------------------------------------------------------------------+ | Games written, Viruses killed "I'm the head honcho of this here spread; | | While U Wait. Take a number. I don't need no stinking disclaimers!!!" | +---------------------------------------------------------------------------+