Is it possible to set timeout on Linux screen session

Linux and Unix-Like Linux
1

Hello friends,

I work on Linux servers via SSH (putty) and run "screen" to preserve my sessions so I can attach/detach them at anytime I wish without losing the connectivity/process disruption which is working perfectly fine.

As my team members also have root access to those servers, it is very much possible for them to attach "MY" sessions and can see what I'm doing. Is there anyway I can't allow them to do that? To solve this issue (upto some extent), setting a time-out on my sessions would help a bit. In other words, is it possible to set a timeout on screen session within which I should re-attach (after detaching) the screen session with 12 hours (for eg timeout set to 12 hours) else that screen session should be auto-killed. Any thoughts on tailoring this requirement would be great.

Many thanks!

2

Example use of the TMOUT variable with the bash shell:

Linux: TMOUT To Automatically Log Users Out - nixCraft

Note readonly - no user can change the variable after it is set.

2 Likes
3

Thanks jim.

But unfortunate this doesn't help me as I always have something running on my sessions (they are not idle to use TMOUT option). Basically I need my sessions to be killed automatically (forcibly) in case I don't attach to that screen session within certain time (like 12 hours or so). I guess this is more specific to "screen" feature i guess (based on it's man page there seems to be no such option), but if we could setup some alternative way to achieve it would be great.

Best,

4

I don't think screen can do this. Nothing prevents root from barging in and changing your screen settings back, anyway.

You can't defend from root.

1 Like
5

Thanks Corona.

Upon my further thoughts, to make it simple, I would like to setup like irrespective of anything, my current login session (bash process) should be killed after 12 hours (No matter of what my shell is running).

For example:

root@Ubuntu16:~# who
root     pts/1        2018-01-10 20:51 (192.168.1.64:S.0)
root@Ubuntu16:~# screen -ls
There is a screen on:
        1624.pts-0.Ubuntu16     (10/01/18 20:51:11)     (Attached)
1 Socket in /var/run/screen/S-root.
root@Ubuntu16:~# kill -9 1624

How can I achieve the above without using cron or atjobs or without leaving any record/file/log on the Server. Basically the above kill should be scheduled to run after 12 hours while letting me work on the shell until then.

Please advise, thanks!

6

You cannot defend from root.

You leave behind something that waits 12 hours then kills it:

( sleep 86400 && kill $$ ) & # Kill parent in 12 hours
exec screen # Replace parent process with screen

...but nothing prevents them from finding and killing it first.

And the more complicated you build your rube-goldberg machine, the more likely they are to notice that someone's doing odd things to the system.

7

Yes ofcourse!

This worked great, atleast solves my purpose upto some extent :b:

Actually I need this. In case I log back into server within 12 hours, I might just abort this kill (may initiate another later), if required.

This is not an issue :slight_smile:

8

Hi Corona688, it's actually NOT working. Even though we're able to kill the bash (shell) but the screen session socket still exists (that's the whole point of having a session - not to lose session if there's disconnection to the server etc.). Just login into the server and running "screen -r" still restores my session and one can see what is going on the session.

So I changed your script as below and now its working fine ( basically I'm killing the screen session)

( sleep 120 && screen -S scr1 -X quit ) & # Kill screen session in 2 minutes
exec screen -S scr1 # Establish a screen session

Luckily screen offers us to name every session so you can use that name (instead of PID which is a random number) to kill/attach/detach. Now It's working as expected. Thanks for all the help!

1 Like