Any idea as to how multiple loggin sessions by the same user (using Hyper terminal/Telnet) be restricted in Sun Solaris 8.
Rgds
Naushi
Any idea as to how multiple loggin sessions by the same user (using Hyper terminal/Telnet) be restricted in Sun Solaris 8.
Rgds
Naushi
you can add the following to the users profile :
USERLOGINS=`who | grep ( userid ) | wc -l`
if [ "$USERLOGINS" -eq ( max no. of logins ) ] ; then
exit 1
else
( process remaining environment )
fi
cheers
If we are strict at "restrict", there should be better approach. Is there PAM for Solaris?
What's PAM
Pluggable Authentication Modules and no it's not there in Solaris 8 by default.
Thanks ppass, I'll try it out.
Add this to the global profile (/etc/profile or whatever) otherwise the user will just login, vi $HOME/.profile, and remove it....
MAXLOGINS=5 # or whatever
WHOAMI=`whoami`
CURRENTLOGINS=`who | grep -c "${WHOAMI}"`
if [ "${CURRENTLOGINS}" -eq "${MAXLOGINS}" ]; then
exit 1
fi
# no need for else.... rest of profile goes here
Cheers
ZB
Thanks ppass
It worked (with li...ttle bit of change)
Cheers
But the user can just edit their .profile file and remove your checks.
It would be far safer to use the method I've indicated, placing it in the global profile in /etc/profile.
Also; what happens when you add 20 new users to the system? Have you modified the .profile file in /etc/skel? Have you hard coded the user name into the .profile? What happens when the wiley user wants to login more than X times and removes your checks from their writable .profile?
Using my method would solve all these issues.
Anyway.... :rolleyes:
Cheers
ZB
zazzybob;
Here's how I did it;
I edited the .profile in /etc/skel,
USERLOGINS=`who | grep $LOGNAME | wc -l`
if test $USERLOGINS -eq (x)
then
exit 1
else
([/i]process remaining environment)
..
Then I copied the .profile to the individual users $HOME
I'll deffinitely try out your method also. Thanks a lot.
That should solve a few of the problems, i.e. it will be applied for new users added to the system, and the userids are not hard-coded into individual profiles - the only remaining issue would be if the user were to edit their .profile and remove the checking - and if your users are anything like most of the users I've looked after, they probably haven't even heard of a .profile file
Cheers
ZB