> I have several Solaris 7 and Solaris 8 production servers that turn
> into number-crunchers several times a month during heavy production
> processing. I need to devise a way to selectively deny [most] users
> from logging into these systems at these times, yet still allow other
> critical support personnel to logon. The problem I have now is that
> some users log on during heavy processing to do compiles or run test
> jobs, which slows down our production processes.
> Is there an easy way to either script this function or use existing
> Solaris methods to block logins at these times?
> How would _you_ do it?? I'm pondering these ideas:
I'd change all the user's shells to a custom script, like /bin/canilogin
and just edit that. When users can login, make the script be:
/bin/ksh #or whatever shell
when they aren't supposed to login:
echo "Hey, hey, go away!" #or something polite :-)
If you wanted to get fancy, do something like:
if [ -e /etc/nologins ]
echo "Hey, hey, go away!"
And if you wanted to impress people at parties, make a cron job that
makes or removes /etc/nologins based on the system load.
Creating a script and editing it is safer then editing your passwd file
every time you want to allow or disallow logins, as messing up the
passwd file can be very bad, but not letting lusers login until you fix
a script isn't so horrible ;-).
Be sure you write a man page (use the manedit, Luke) or something to
ensure that future SysAdmins know what's going on. Or don't, and call
it job security (but maybe I'm just bitter over that happening to me).
+ http://www.not-real.org/~nick +
+ How valuable is my contribution? Share your feedback at Affero: +
+ http://svcs.affero.net/rm.php?r=nick +