This was my first thought also, but on second blush, if you have properly
set up sudoers, then being able to log in as your own userid, listed in
sudoers, is sufficient, and you shouldn't need to log into root from
anywhere, in theory.
The downside of this theory comes in the form of certain vendor products,
which must be installed from root; not from root via an su -, and not from
root via sudo, but only from good, old fashioned root at a terminal, having
entered the root password. (IBM, you know who you are....)
--
.~. Robert P. Nix Mayo Foundation
/V\ RO-OE-5-55 200 First Street SW
/( )\ 507-284-0844 Rochester, MN 55905
^^-^^ -----
"In theory, theory and practice are the same, but
in practice, theory and practice are different."
On 2/5/08 2:15 PM, "Stricklin, Raymond J" <[EMAIL PROTECTED]>
wrote:
>
>
>> I am trying to setup SLES10 to prevent direct login as root
>> on the 3270 console for a SLES10 Linux guest.
>
> Terry;
>
> In order to do this, you need to remove or comment the entry for ttyS0
> in /etc/securetty.
>
> It doesn't seem like a good idea in practice, though I couldn't put my
> finger on exactly why.
>
> ok
> r.
>
> ----------------------------------------------------------------------
> For LINUX-390 subscribe / signoff / archive access instructions,
> send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
> http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
