limiting users to so many logins

limiting users to so many logins

Post by Andre » Sat, 29 Aug 1998 04:00:00



Hi,

I am looking for a  way to limit the number of logins a user can have
simultaneously.

For instance, user x is a schmuck and I only want him to be able to have one
session. User y is ok, so 1-5 sessions. User z is cool so no limits.

Anyone know how to do this?

Andrew

 
 
 

limiting users to so many logins

Post by Andre » Mon, 31 Aug 1998 04:00:00


Quote:>[ `who | grep username | wc -l` -gt X ] && {
> echo "You logged in too many times - loser"
> sleep 5
> exit
>}

>Where X is the number of times you want them to be able to log in.

Great idea...

How do I make an IF statement such that it only fires when the user has
logged in more times than specified?

Even better, can I make 1 script for everyone and have it look to a file in
their home directory for the settings. That way I can have a default file in
/etc/skel and change the people manually that I want to change.

This would involve a variable in the script that would find the current
users account, see how many times they pop up in w, and then compare that
number to the . file.

I am going to*around with it some more, thanks. Any more tips are
always appreciated... :)

Andrew

 
 
 

limiting users to so many logins

Post by Douglas E. Mitt » Tue, 01 Sep 1998 04:00:00


This is a handy solution BUT I would suggest putting this loop into
/etc/profile ... which is only write-able by root.

If you put this into 'skel' and from there into ~/.profile then the
user can just edit it out on their own after they log in the first
time.

The variable number of simultaneous logins allowed is a little more
difficult UNLESS you base it on the "User Group" ID ... that is put
the users into groups based on their value to the system and have the
/etc/profile script check the GID of the user and assign a value based
on what it finds.

Good luck ... interesting puzzle.



>>Hi,

>>I am looking for a  way to limit the number of logins a user can have
>>simultaneously.

>>For instance, user x is a schmuck and I only want him to be able to have one
>>session. User y is ok, so 1-5 sessions. User z is cool so no limits.

>>Anyone know how to do this?

>I have a more sophisticated perl method of doing this but a simple thing to do
>in the users .profile would be

>[ `who | grep username | wc -l` -gt X ] && {
>    echo "You logged in too many times - loser"
>    sleep 5
>    exit
>}

>Where X is the number of times you want them to be able to log in.

>Regards

 
 
 

limiting users to so many logins

Post by Icema » Tue, 01 Sep 1998 04:00:00



> This is a handy solution BUT I would suggest putting this loop into
> /etc/profile ... which is only write-able by root.

> If you put this into 'skel' and from there into ~/.profile then the
> user can just edit it out on their own after they log in the first
> time.

> The variable number of simultaneous logins allowed is a little more
> difficult UNLESS you base it on the "User Group" ID ... that is put
> the users into groups based on their value to the system and have the
> /etc/profile script check the GID of the user and assign a value based
> on what it finds.

> Good luck ... interesting puzzle.



> >>Hi,

> >>I am looking for a  way to limit the number of logins a user can have
> >>simultaneously.

> >>For instance, user x is a schmuck and I only want him to be able to have one
> >>session. User y is ok, so 1-5 sessions. User z is cool so no limits.

> >>Anyone know how to do this?

> >I have a more sophisticated perl method of doing this but a simple thing to do
> >in the users .profile would be

> >[ `who | grep username | wc -l` -gt X ] && {
> >       echo "You logged in too many times - loser"
> >       sleep 5
> >       exit
> >}

> >Where X is the number of times you want them to be able to log in.

> >Regards

Even if you put it in /etc/profile the user can create his or her own .profile. If
~/.profile exists,
then /etc/profile isn't used.

--
+---------------------------------------------------------+
 Never underestimate one's capabilities else you have
            already lost the edge in the battle to come.
   Website: http://hornetsnestusa.home.ml.org/

+---------------------------------------------------------+

 
 
 

limiting users to so many logins

Post by Douglas E. Mitt » Wed, 02 Sep 1998 04:00:00


Is this true?

On my Slackware system it doesn't appear to work like this ... I put
the default prompt and path in /etc/profile then for one login I use a
different prompt (due to using it to log into an Apple system) defined
in ~/.profile BUT the path data remains the same.

This could take some additional experimentation to find out.



>> This is a handy solution BUT I would suggest putting this loop into
>> /etc/profile ... which is only write-able by root.



>> >I have a more sophisticated perl method of doing this but a simple thing to do
>> >in the users .profile would be

>> >[ `who | grep username | wc -l` -gt X ] && {
>> >       echo "You logged in too many times - loser"
>> >       sleep 5
>> >       exit
>> >}

>Even if you put it in /etc/profile the user can create his or her own .profile. If
>~/.profile exists,
>then /etc/profile isn't used.

 
 
 

limiting users to so many logins

Post by Me Agai » Thu, 03 Sep 1998 04:00:00



>Is this true?

>On my Slackware system it doesn't appear to work like this ... I put
>the default prompt and path in /etc/profile then for one login I use a
>different prompt (due to using it to log into an Apple system) defined
>in ~/.profile BUT the path data remains the same.

>This could take some additional experimentation to find out.

No.  The Unix/Linux mechanism is to read /etc/profile regardless of the
existance of a ~/.profile.  However how this is implemented is not defined
anywhere so it may be implemented by a line in /etc/profile executing
~/.profile (unlikely but valid) or it may be implemented in the shell.  I think
you will find that unless someone has been doing funy stuff on your system that
your /etc/profile IS read regardless of the existance of a .profile though
neither may be used if you are using some shells.  Most shells however will
behave as mentioned.

Regards

mark

P.S. The reason I suggested putting the code in .profile was because the
original poster wanted different number of logins for different and users.  If
however a central file was created that contained lines of the format userame:X
(X being maximum logins) it would be possible to put the following in
/etc/profile.  This is just off the top of my head so don't blame me if it's
*:)

LOGINLINE=`grep "userame:" /etc/centralfile`
[ `who | grep username | wc -l` -gt `expr $LOGINLINE : ".*:\(.*\)"` ] && {
        echo "Logged in too many times - Loser"
        exit 1

Quote:}

Regards

mark

----------------------------------------------------------------------------  
         We are Pentium of Borg - You will be approximated

http://www.veryComputer.com/ (As if I ever update this page!)
----------------------------------------------------------------------------