My solution (on Debian, FC1 and FC2):
- For local CLI logins:
Put my message into /etc/issue.
On sane systems, /etc/issue gets displayed every time a user logs in; on
the Fedora systems I had to add a line to /etc/profile so this would
work, like so:
...
/bin/cat /etc/issue
...
- For remote (ssh) logins:
Put my message into /etc/issue.net.
On sane systems, /etc/issue.net gets displayed to remote terminals right
after login. On less sane systems, you need to edit /etc/ssh/sshd_config
and uncomment the line:
Banner /etc/issue.net
Don't forget to restart sshd after that.
- For local GUI logins:
I've installed something called zenity and then created the script
/etc/gdm/PostLogin/Default containing the following:
if [ -f /etc/admin.msg ]
then
zenity --info --info-text "`cat /etc/admin.msg`"
fi
The "Default" script gets run by gdm right after login but before the
actual (usually gnome) session is set up. If there is a file in /etc
called "admin.msg", its contents get displayed in a nice graphical
window. If there is no such file, nothing happens.
I have the message in 3 different files so that I can customize things
depending on the access methods - and also depending on departmental
policies, but that's a different discussion.
Hope this helps
Yuri
Kirkwood, David A wrote:
Can you not just add the disclaimer to /etc/issue?
Seems the perfect place to me...
What's the ingress route? SSH / Telnet / Terminal / rlogin?
SSH has settings that you can set in it's configuration file located in
/etc
Ingress route is all inclusive. /etc/issue does not satisfy the requirements
for X11 greeting
and user intervention to complete the login process. For the terminal logins
I know I
can use a combination of the /etc/login, profile, and so forth, but the
problem is the X11
screen criteria...
How can I add a warning to the login page of a RH Enterprise system
stating that the system is subject to monitoring, etc notifying the user
before he logs in
or completes the login process? The banner must require user intervention
to compete the login process in order to satify tacit complience issues.
Dave
-
: send the line "unsubscribe linux-admin" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Yuri Csapo
Academic Computing & Networking
Colorado School of Mines
Green Center Rm 249
Phone: (303) 273-3503
Fax: (303) 273-3475
Email: ycsapo@xxxxxxxxx
Please use the following link to open a service request:
http://helpdesk.mines.edu
===========================================
With a PC, I always felt limited
by the software available.
On Unix, I am limited only by my knowledge.
--Peter J. Schoenster
-
: send the line "unsubscribe linux-admin" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
