Operating System - HP-UX

Re: How to logout a user remotely from root

 
vvsha
Frequent Advisor

How to logout a user remotely from root

If I log in with one user ID, I am getting the following message:

Intrussion Detected !!!!
You have already LOGGED IN from a different Machine
SORRY your User Id cannot be shared from different machines

I have checked the login using finger and command, the login is displaying and I tried to kill it. I got the PID of the user's shell by using the who -uH command,
but if I give kill -9 it shows the following:
kill: 13823: no such process

Please let me know how to kill this login session in HP-UX.
AwadheshPandey
Honored Contributor

Re: How to logout a user remotely from root

Use #fuser -k tty of user instead.
Ex: fuser -k /dev/pts/4
It's kind of fun to do the impossible
vvsha
Frequent Advisor

Re: How to logout a user remotely from root

$ fuser -k /dev/pts/tb
/dev/pts/tb:

It's not working for me;
the login still exists.
vvsha
Frequent Advisor

Re: How to logout a user remotely from root

$fuser -k /dev/pts/tb
/dev/pts/tb: 13374o 13339o 13401o

$fuser -k /dev/pts/tb
/dev/pts/tb:

But the login still shows and I am unable to log in using the same.
Dennis Handly
Acclaimed Contributor

Re: How to logout a user remotely from root

I believe your problem is that you can't trust who(1) or last(1). Here is a pointer that has other pointers:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1149632

To find all user processes, see your other thread:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1159096
vvsha
Frequent Advisor

Re: How to logout a user remotely from root

But still, if I log in with the same login, it displays the following message and I am unable to log in.

Intrussion Detected !!!!
You have already LOGGED IN from a different Machine
SORRY your User Id cannot be shared from different machines

Dennis Handly
Acclaimed Contributor

Re: How to logout a user remotely from root

>But Still If I login with the same login

If you looked at the links that point to last(1), you will have to clean up wtmps.

The tool that is giving you "Intrussion Detected" is gullible and relying on fragile info.
whiteknight
Honored Contributor

Re: How to logout a user remotely from root

shabi,

"intrussion Detected!!!"? The HP-UX error message is intruder Alert.

Are you using HIDS? Or did you write the script to allow only 1 UID to log in to the system once?


WK
Problem never ends, you must know how to fix it
vvsha
Frequent Advisor

Re: How to logout a user remotely from root

We will be able to log in to the server only from one client machine. If it is required to log in from another machine, then we have to log off from the old machine first.

Wim Rombauts
Honored Contributor

Re: How to logout a user remotely from root

If you need to log out a user from a system completely as root, this should be the easiest way:

kill -9 $(echo $(ps -fu | awk '{print $2}'))

After that, try "ps -fu " again, you should get no processes back now.
Wim Rombauts
Honored Contributor

Re: How to logout a user remotely from root

Small mistake, use "ps -ef | grep " instead of "ps -fu ".

With the -fu option, the input for the kill command contains "PID" from the ps output header. With the grep, you can get rid of this header.
AwadheshPandey
Honored Contributor

Re: How to logout a user remotely from root

I can guess that there should be some session file on the server for the particular user. The user can't log in till the file exists. In case of a normal exit the file may be deleted or renamed. Try to find that file and move it, and log in again; you will be able to log in for sure. Check the .profile of the user for the session file.
It's kind of fun to do the impossible
Dennis Handly
Acclaimed Contributor

Re: How to logout a user remotely from root

>Wim: kill -9 $(echo $(ps -fu | awk '{print $2}'))

Why are you using echo? It works without it.

>Wim: Small mistake, use "ps -ef | grep " instead

You don't want to use grep with kill -9 and kill someone running .exe. ;-)
Or worse, yourself using ps -fe | grep ... ;-)

>With the -fu option, the input for the kill-command contains "PID" from the ps output header.

Simple, safer fix:
kill -9 $(ps -fu | awk 'BEGIN {getline} {print $2}')

>Awadhesh: I can guess that there should be some session file on server for particular user. user cant login till the file exits.

It's possible, but shabi's first messages showed who(1). Since who isn't accurate, I'm assuming that's the problem, not this sentinel file.

Basically if who says the user is logged on but ps -fu user doesn't, then it is a wtmp problem.
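
The cross-check from the last post (who lists a session but ps shows no matching process), written out as an added example that is not part of the original thread. The function name `stale_sessions`, the assumed `who -u` column layout (NAME LINE MONTH DAY TIME IDLE PID [HOST]) and the sample data are constructed for illustration; the script only reports and changes nothing.

```shell
#!/bin/sh
# Added example: flag who(1) entries whose recorded PID is no longer running.
# Assumption: `who -u` columns are NAME LINE MONTH DAY TIME IDLE PID [HOST].

# Constructed sample data, not captured from a real system.
SAMPLE_WHO='root     console  Oct 12 08:01  .    1201
appuser  pts/tb   Oct 12 09:14  old  13823 client1
wim      pts/ta   Oct 12 09:40  0:02 14410 client2'

SAMPLE_PS='  UID   PID  PPID  C    STIME TTY     TIME COMMAND
 root  1201     1  0 08:01:10 console 0:00 -sh
  wim 14410 14400  0 09:40:02 pts/ta  0:00 -ksh'

# stale_sessions WHO_TEXT PS_TEXT
# Prints "user line pid" for every who entry whose PID is absent from the
# ps listing. Such an entry is a leftover login record, not a live session.
stale_sessions() {
    printf '%s\n---\n%s\n' "$2" "$1" | awk '
        $0 == "---" { in_who = 1; next }      # separator between ps and who text
        !in_who {
            # Only numeric PIDs are recorded, so the ps header line is ignored
            # instead of being mistaken for a process.
            if ($2 ~ /^[0-9]+$/) alive[$2] = 1
            next
        }
        NF >= 7 && !($7 in alive) { print $1, $2, $7 }
    '
}

# On a live system, as root so ps lists every process:
#   stale_sessions "$(who -u)" "$(ps -ef)"
if [ "${1:-}" = "--demo" ]; then
    stale_sessions "$SAMPLE_WHO" "$SAMPLE_PS"
fi
```
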