Problem with limiting logins to one in AIX 5.3

Confused_lulu · April 6, 2007, 10:34pm

I am migrating from 5.2 to 5.3 AIX. In previous versions of AIX, including 5.2, I've been able to limit user's logins to 1 by using the following script named Block_user:

#!/bin/ksh
USER=$1
NUM=`who | grep $USER | cut -c1-8 | wc -l`
#The above ' is not a single quote but back quote
if [[ $NUM -lt 1 ]]
then
exit 0
fi
echo "permission denied...$NUM is the limit of logins"
exit 1

and changing the following

/usr/lib/security/methods.cfg - add:
auth_method
program = /usr/bin/Block_user

and

/etc/security/user, changing the default stanza to read
auth1 = SYSTEM,auth_method

This doesn't work in 5.3. The user tries to login and receives "Invaild user or password". Removing the auth_method from /etc/security/user allows the person to login. I've spoken with IBM and so far no one has an answer as to why it will not work. I'm hoping someone out here does?

jgt · May 1, 2007, 1:30pm

Try using 'fuser' to see if the users .profile is in use by more than one process when they log on.

Confused_lulu · May 1, 2007, 1:38pm

thank you for the reply but fuser will not help. What I was trying to do was limit the number of logins per user. Since my posting I found that IBM went back to the old way of doing this and that is setting the limit in login.cfg.