From Bugzilla Helper: User-Agent: Mozilla/4.0 (compatible; MSIE 4.01; Windows 98) man page for login describes structure of /etc/usertty file for limiting access, but program does not appear to check this file and limit access. (Providing functionality as described in man page would be preferable to modifying man page.) Following examples in man page does not limit access, and "strings /bin/login" lists /etc/securetty but not /etc/usertty, so apparently program does not reference the file. Reproducible: Always Steps to Reproduce: 1.Create a file /etc/usertty with the following lines (substitute valid usernames & IP addresses for your system for joe1 and joe2 and 192.168.1.5) : USERS joe1 tty1 joe2 192.168.1.5/255.255.255.255 2. Try to log in as joe1 on (say) tty2. Try to log in as joe2 from somewhere other than 192.168.1.5 Actual Results: Both logins succeed. Expected Results: Both logins should fail. "strings /bin/login | grep tty" found /etc/securetty but not /etc/usertty. My conclusion is that checking of this file is not compiled into the program.
I'm running into the same problem under RH 7.1. /etc/usertty does seem to be ignored. Is there another way to restrict logins?
PAM has a number of modules (e.g. pam_listfile) which perform the type of tasks you are describing, and it's the recommended way to perform any and all. Please look through the PAM administrator documentation, and if a module does not exist to perform the type of restriction you are wanting, talk to the maintainer of that module (e.g. via a feature request in bugzilla).
I've added a note to this effect to the man page, BTW.