HPE Community
Operating System - HP-UX
1836636 Members
1667 Online
110102 Solutions
New Discussion

Enforcing shell timeout?

 
Alex Georgiev
Regular Advisor

‎07-23-2007 09:05 PM

‎07-23-2007 09:05 PM

Enforcing shell timeout?

Does anyone have a creative & elegant way of enforcing shell timeouts for users?

Currently I'm doing it by executing 'typeset -r TMOUT=' in the /etc/profile. This prevents the user from unsetting the TMOUT variable, or from editing their own .profile and changing it.

Unfortunately it also prevents them from specifying a shorter timeout, if they wish to do so. Plus, it seems to conflict with certain apps that try to modify it.
0 Kudos
Reply
4 REPLIES 4
Peter Nikitka
Honored Contributor

‎07-24-2007 12:18 AM

‎07-24-2007 12:18 AM

Re: Enforcing shell timeout?

Hi,

you'll have to use some scripting.
I would look for an optional config file ~/.tmout
where the user could specify something like
TMOUT=nnn

and in /etc/profile use something like this:
tmout_default=1024
if [ -s $HOME/.tmout ]
then
usrtmout=$(awk -F= '$1=="TMOUT" {print $2}' $HOME/.tmout)
[ "$usrtmout" -gt $tmout_default ] && unset usrtmout
if
typeset -r TMOUT=${usrtmout:-$tmout_default}

mfG Peter
The Universe is a pretty big place, it's bigger than anything anyone has ever dreamed of before. So if it's just us, seems like an awful waste of space, right? Jodie Foster in "Contact"
0 Kudos
Reply
Alex Georgiev
Regular Advisor

‎07-24-2007 11:49 AM

‎07-24-2007 11:49 AM

Re: Enforcing shell timeout?

Yes, that's a good idea. A ~/.tmout would work.

Any other ideas for how to do that?

P.S. Something that went though my mind is to compile the shell from source, but edit the source code beforehand and hard code a maximum value in there. The problem with that is that I might only be able to do it for bash & tcsh, since I'm not sure if I can find the source for the HP-UX ksh & dtksh.

Also, there's alway the possibility that I'll mess up and create bugs. Haven't done any serious coding in a while...
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎07-24-2007 11:59 AM

‎07-24-2007 11:59 AM

Re: Enforcing shell timeout?

Hi Alex:

> Something that went though my mind is to compile the shell from source, but edit the source code beforehand and hard code a maximum value in there. The problem with that is that I might only be able to do it for bash & tcsh, since I'm not sure if I can find the source for the HP-UX ksh & dtksh.

You won't be able to obtain the source for HP-UX released versions.

That aside, I've "been-there-done-that" in "another life" many years ago. As a then mainframe systems programmer I had source code and was used to developing patches as work-arounds and customizations. The problem was always re-engineering the patch and re-certifying it as new releases and vendor-supplied enhancements appeared.

Put your creative efforts to use in another way. Peter's suggestion is a good one.

Regards!

...JRF...
0 Kudos
Reply
Peter Nikitka
Honored Contributor

‎07-24-2007 06:49 PM

‎07-24-2007 06:49 PM

Re: Enforcing shell timeout?

Hi,

additionally you should check the setting of a user-timeout not being zero: This could mean NO timeout in some shells!

mfG Peter

PS: Of course you could permit this as a 'feature'...
The Universe is a pretty big place, it's bigger than anything anyone has ever dreamed of before. So if it's just us, seems like an awful waste of space, right? Jodie Foster in "Contact"
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.