HPE Community
Operating System - Linux
1827465 Members
4583 Online
109965 Solutions
New Discussion

Re: how to Restrict particular user from Loging in multiple times

 
SOLVED
Go to solution
Soujanya
Valued Contributor

‎10-20-2006 05:12 AM

‎10-20-2006 05:12 AM

how to Restrict particular user from Loging in multiple times

Hi All,

How do I write a script that doesn't permit some users to log in more than once. It looks up a configuration file which contains a list of those users, one user per line. Where should I place the script code?

Any Help is much appreciated :)

Thanks in Advance
Soujanya.R
0 Kudos
Reply
2 REPLIES 2
Ivan Ferreira
Honored Contributor

‎10-20-2006 07:13 AM

‎10-20-2006 07:13 AM

Solution

Re: how to Restrict particular user from Loging in multiple times

You have two options:

Configure the maxlogins option in /etc/security/limits.conf

Create a shell script and add it to the /etc/profile:

# Maxlogins
# Version 1.2
# Registro de cambios
# Version 1: Primera version estable
# Version 1.1: Se agrego la opcion -a al comando who y grep -v "x " para evitar informacion falsa
# Version 1.2: Se agrego ^ al grep para permitir comentar entradas en el archivo de configuracion

MAXDEFAULT=`awk '$1 == "MAXDEFAULT" { print $2 }' /etc/security/maxlogins.conf`

USRSESLIMIT=`grep -w "^$USER" /etc/security/maxlogins.conf | awk '{ print $2}'`

if [ -z "$USRSESLIMIT" ] ; then
USRSESLIMIT=$MAXDEFAULT;
fi

if [ "$USRSESLIMIT" -eq 0 ]; then
echo "Limites de sesion no establecidos"
else
SESCOUNT=`who -a | grep $USER | grep -v "x "| wc -l`
if [ $SESCOUNT -gt $USRSESLIMIT ]; then
echo "Ha alcanzado el limite de sesiones establecido"
echo "Presione ENTER para salir"
# Evitamos que pueda cancelar el script
stty dsusp undef eof undef eol undef eol2 undef erase undef discard undef \
status undef intr undef kill undef lnext undef quit undef reprint undef \
start undef stop undef susp undef werase undef
read
exit
else
echo "INFORMACION: Usted tiene $SESCOUNT sesiones abiertas"
fi
fi


The /etc/security/maxlogins.conf file will look like this:

# Valor por defecto. 0 = ilimitado
MAXDEFAULT 1

# Configuracion por usuario
# Superusuario
root 0
#
# Usuarios
#
user1 3
user2 5
user3 1
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Reply
Atul Gautam
Valued Contributor

‎10-22-2006 10:26 PM

‎10-22-2006 10:26 PM

Re: how to Restrict particular user from Loging in multiple times

Soujanya,

Also there is a module in PAM which is called as "pam_tally.so" which is again used for restricting users/attackers.

Also go through the URL ---

http://sial.org/howto/linux/pam_tally/

Beside this, I am attaching a PDF doc for your reference purpose.




Atul
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.