HPE Community
Operating System - HP-UX
1829575 Members
4134 Online
109992 Solutions
New Discussion

Limit # of telnet sessions script not working

 
SOLVED
Go to solution
Rita Li
Frequent Advisor

‎02-05-2003 07:47 PM

‎02-05-2003 07:47 PM

Limit # of telnet sessions script not working

I have put in the following login scripts for my users in giving different telnet sessions one can login.

All users' login shell /usr/bin/sh
.profile :
/scripts/menu/1_sess_only

/scripts/menu/1_sess_only :
/scripts/menu/chk_login_1
(follow by scripts to startup the application if the chk_login_1 script can pass successfully)

/scripts/menu/chk_login_1 :
user=`whoami`
logintime=`finger | grep "^$user " | wc -l`
if [ "$logintime" -gt 1 ]
then
echo ""
echo ""
echo "You are not allowed to login more than 1 session!"
echo ""
exit 1
fi

Of course some have similar scripts with
/scripts/menu/chk_login_2 or
/scripts/menu/chk_login_3

The echo statements work all okay, that I understand it is the "exit 1" statement that cannot logout the telnet session successfully (used to work ok since the server is up running 2 years ago until recently)

What's wrong?
0 Kudos
Reply
6 REPLIES 6
RAC_1
Honored Contributor

‎02-05-2003 08:16 PM

‎02-05-2003 08:16 PM

Re: Limit # of telnet sessions script not working

run script with sh -vx and check what is causing the problem.
There is no substitute to HARDWORK
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎02-05-2003 08:24 PM

‎02-05-2003 08:24 PM

Re: Limit # of telnet sessions script not working

If you ran Bastille or otherwise disabled finger you might not be geting any results at all from your script.

I'd use the output from ps instead of finger. Here is a vague hack at it.

`ps -ef | grep telned | grep $user1 | wc -l`

You'll have to work the line out a bit, but it might prove a better thing.

You should disable finger on your system anyway. It gives hackers or malicious users too much information about how your system runs.

In case I haven't diagnosed the problem, please run five telnet sessions yourself, run the script against yourself(not root) and post the output. I'm not going to turn that one loose on my systems because we limit all users to one telnet session because the database they log into reject multiple logins.

P
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Denver Osborn
Honored Contributor

‎02-05-2003 08:58 PM

‎02-05-2003 08:58 PM

Re: Limit # of telnet sessions script not working

as far as I can see, the "exit 1" isn't going to cancel out the user's login, it's just going to stop the script that's checking for the multiple logins. If you put the 'if then' in the users .profile it should work.

Is that how it used to be setup? If it had been working for 2 years, what changed?

-denver
0 Kudos
Reply
Denver Osborn
Honored Contributor

‎02-05-2003 09:38 PM

‎02-05-2003 09:38 PM

Solution

Re: Limit # of telnet sessions script not working

ok... you should not have the script run as a seperate process in the user's .profile

-use-
. /scripts/menu/1_sess_only

-not-
/script/menu/1_sess_only

You might also consider putting "sleep 5" after your last echo... to give enough time to atleast see the message.

hope this helps
-denver
Reply
Chris Wong
Trusted Contributor

‎02-05-2003 11:17 PM

‎02-05-2003 11:17 PM

Re: Limit # of telnet sessions script not working

Instead of using your script you could use the
NUMBER_OF_LOGINS_ALLOWED option in the /etc/default/security file. If you set this to "1" the user will see this message if they try to login more than once:
Exceeds number of logins allowed (1) for user username.

Su access does not go against this count. The root user is also excluded.

If you do not have a /etc/default/security file you can just create one and add this line:
NUMBER_OF_LOGINS_ALLOWED=1

A table listing the available options can be found here: http://newfdawg.com/SHP-RestShell

- Chris
0 Kudos
Reply
Rita Li
Frequent Advisor

‎02-06-2003 01:33 AM

‎02-06-2003 01:33 AM

Re: Limit # of telnet sessions script not working

Hi Denver,

. /scripts/menu/1_sess_only

just works great! Thanks!

Also found it is the recent change to the script .profile that makes it doesn't work since

Before .profile is :
/scripts/menu/1_sess_only
RC=$?
if [ $RC -ne 0 ]
then
exit
fi

& I have overlooked this.

Thanks for everyone's help/recommendation etc.

Regards,
Rita
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.