Logoff a user...

balaji_prk · November 29, 2005, 12:07am

Hi...

could anyone tell me how to kill a user session on my server with out affecting other user?

Bala

jyoung · November 29, 2005, 3:21pm

I use this to grab their PID :
ps -ef | grep userid
Then kill -kill PID

balaji_prk · November 30, 2005, 12:42am

thank for the reply..

is there any other command other than killing that particular userid?

Bala

bakunin · December 1, 2005, 6:08am

You do not "kill the userid", but kill the login session she is using. Instead of using "ps -fe | grep <userid>" you can also use "ps -fu <userid>" btw., which lists all processes owned by the specified userid.

bakunin

balaji_prk · December 3, 2005, 6:03am

hi bakunin

the method u explained is correct.. But i will explain the scenario..
suppose at any instance when i run the who command and i found an unauthorized user logged in to my server and i should log him out at the earliest. what am i supposed to do? i know his username... so is there any command by which i could kill his session using his username? sorry if am stupid...

Bala

bakunin · December 4, 2005, 6:36pm

I don't get it - if a user has a userid she is supposed to be authorized, yes?

If you want to disable the ability of a userid to log in, but still want to keep the userid you can disable his right to log on to the machine. The information rests in the ODM and can be listed with the "lsuser" and changed with the "chuser" command. Here is a sample output of "lsuser":

# lsuser f985905
f985905 id=23996 pgrp=staff groups=staff,system,security,ddm001r home=/home/f985905 shell=/usr/bin/ksh 
gecos=myuser, CS3 AIX-Administration Team login=true su=false rlogin=true daemon=true admin=true 
sugroups=ddm001r,ALL tpath=on ttys=ALL expires=0 auth1=SYSTEM auth2=NONE umask=77 registry=files SYSTEM=files 
loginretries=5 pwdwarntime=14 account_locked=false minage=0 maxage=13 maxexpired=0 minalpha=1 
minother=1 mindiff=3 maxrepeats=2 minlen=7 histexpire=0 histsize=9 fsize=2097151 cpu=-1 data=131072 
stack=32768 core=1024 rss=32768 nofiles=2000 core_hard=1024 time_last_login=1133704370 
time_last_unsuccessful_login=1133183860 tty_last_login=ssh tty_last_unsuccessful_login=/dev/pts/1 
host_last_login=130.24.110.41 host_last_unsuccessful_login= unsuccessful_login_count=0 roles=ManageBasicUsers,ManageAllUsers,ManageBasicPasswds,ManageAllPasswds,ManageRoles,ManageBackupRestore,ManageBackup,ManageShutdown,RunDiagnostics,ManageDiskQuota

I have marked bold the parts which are interesting to you. By setting any of these values appropriately you can lock the user out of the machine:

# chuser -a login=false f985905
# chuser -a account_locked=true f985905
...etc

This would, of course only prevent further logins, to get the user out of the machine immediately look up her processes by ps -fu like mentioned above and kill these processes. In the example above that would be:

# ps -fu f985905
     UID    PID   PPID   C    STIME    TTY  TIME CMD
 f985905 581780 696398   0 14:53:02  pts/1  0:00 -ksh 
 f985905 671978 729222   0 14:52:50  pts/0  0:00 -ksh 
 f985905 729222 811062   0 14:52:50      -  0:00 sshd: f985905@pts/0 
 f985905 696398         1   0 13:27:22  pts/2  0:00 -ksh 
# kill -9 696398

Hope this helps

bakunin

balaji_prk · December 5, 2005, 12:03pm

That really helped... Thanks a lot...
Well I have got one more doubt and am posting it as a new thread,
so that it helps.

Bala