The way I did this was to add an entry into the 5th "comment" field of /etc/passwd to indicate the number of logins. In our case we store title, name department and number of logins in this field - for example -
Alan Titchmarch,Mr,IT_TEAM,2
I then have some scripting in a global profile which looks at this field and limits additional logins beyond this figure.
This way you can specify different levels.
The scripting in my global profile is -
#############################################
# Step to limit Shell Logins if fourth field of /etc/passwd
# description field is set to a numeric limit.
# ie fred flintstone,Mr,ROCK_TEAM,2 sets limit to 2 sessions
# NXW - 29/10/01
#############################################
USER=$(whoami)
echo $USER|egrep -q '(informix|dba)'
if [ ! $? -eq 0 ]
then
trap "exec exit" INT
TMPLOG=/tmp/login_limit.tmp
DATE=$(date)
LIMIT=$(grep ^$USER: /etc/passwd|cut -d":" -f5|cut -d"," -f4)
COUNT=$(ps -fu"$USER"|grep "$USER"|grep "\-ksh"|grep -v grep|wc -l)
if [ $LIMIT -o $LIMIT -ne 0 ]
then
if [ $COUNT -gt $LIMIT ]
then
echo "Sorry you are only allowed $LIMIT session(s) - Press Enter \c"
read NOTHING
echo "$DATE - $USER with $COUNT shells active tried to exceed $LIMIT ses
sions" >> $TMPLOG
ps -fu"$USER"|grep "$USER"|grep -v grep >> $TMPLOG
ps -fu"$USER"|grep "$USER"|grep -v grep >> $TMPLOG
exit
fi
fi
fi
Hats ? We don't need no stinkin' hats !!
