Simpler Navigation for Servers and Operating Systems
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
General
cancel
Showing results for 
Search instead for 
Did you mean: 

how to Restrict particular user from Loging in multiple times

SOLVED
Go to solution
Soujanya
Valued Contributor

how to Restrict particular user from Loging in multiple times

Hi All,

How do I write a script that doesn't permit some users to log in more than once. It looks up a configuration file which contains a list of those users, one user per line. Where should I place the script code?

Any Help is much appreciated :)

Thanks in Advance
Soujanya.R
2 REPLIES
Ivan Ferreira
Honored Contributor
Solution

Re: how to Restrict particular user from Loging in multiple times

You have two options:

Configure the maxlogins option in /etc/security/limits.conf

Create a shell script and add it to the /etc/profile:

# Maxlogins
# Version 1.2
# Registro de cambios
# Version 1: Primera version estable
# Version 1.1: Se agrego la opcion -a al comando who y grep -v "x " para evitar informacion falsa
# Version 1.2: Se agrego ^ al grep para permitir comentar entradas en el archivo de configuracion

MAXDEFAULT=`awk '$1 == "MAXDEFAULT" { print $2 }' /etc/security/maxlogins.conf`

USRSESLIMIT=`grep -w "^$USER" /etc/security/maxlogins.conf | awk '{ print $2}'`

if [ -z "$USRSESLIMIT" ] ; then
USRSESLIMIT=$MAXDEFAULT;
fi

if [ "$USRSESLIMIT" -eq 0 ]; then
echo "Limites de sesion no establecidos"
else
SESCOUNT=`who -a | grep $USER | grep -v "x "| wc -l`
if [ $SESCOUNT -gt $USRSESLIMIT ]; then
echo "Ha alcanzado el limite de sesiones establecido"
echo "Presione ENTER para salir"
# Evitamos que pueda cancelar el script
stty dsusp undef eof undef eol undef eol2 undef erase undef discard undef \
status undef intr undef kill undef lnext undef quit undef reprint undef \
start undef stop undef susp undef werase undef
read
exit
else
echo "INFORMACION: Usted tiene $SESCOUNT sesiones abiertas"
fi
fi


The /etc/security/maxlogins.conf file will look like this:

# Valor por defecto. 0 = ilimitado
MAXDEFAULT 1

# Configuracion por usuario
# Superusuario
root 0
#
# Usuarios
#
user1 3
user2 5
user3 1
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Atul Gautam
Valued Contributor

Re: how to Restrict particular user from Loging in multiple times

Soujanya,

Also there is a module in PAM which is called as "pam_tally.so" which is again used for restricting users/attackers.

Also go through the URL ---

http://sial.org/howto/linux/pam_tally/

Beside this, I am attaching a PDF doc for your reference purpose.




Atul