HPE Community
Operating System - HP-UX
1834170 Members
2515 Online
110064 Solutions
New Discussion

Restricting users to one login session

 
SOLVED
Go to solution
Kevin Moore_2
Occasional Advisor

‎05-30-2001 11:04 PM

‎05-30-2001 11:04 PM

Restricting users to one login session

Hi,

I was wondering if anyone could help me. I want to restrict certain users to one login session each. Any idea of how I would do that?

Thanks,
Kevin
Never put something off, for it may be your last chance
0 Kudos
Reply
8 REPLIES 8
Sarah Mokwana
Occasional Advisor

‎05-30-2001 11:35 PM

‎05-30-2001 11:35 PM

Solution

Re: Restricting users to one login session

Hi Kevin

You'll need to vi .profile of that user. DO
this:
#limit number of of logins allowed
Time_allowed = 1
Time_in = "who | grep $LOGNAME | wc -1"
if [$Time_in -gt "$Time_allowed"]
then
echo "$LOGNAME is already logged in $Time_allowed times"
exit
exec /bin/login
fi

Then you'll have to chmod 444 and chown root .profile.

Hope this will help.
You are the star in your own category,shine as high as you can
Reply
Alexander M. Ermes
Honored Contributor

‎05-30-2001 11:36 PM

‎05-30-2001 11:36 PM

Re: Restricting users to one login session

Hi there.
Add these lines to the .profile :

no_of_users=`ps -ef|grep $LOGNAME|grep -v grep |wc -l`


export no_of_users
#
if test "$no_of_users" -gt 3
then
tput clear
echo "You are already logged in more than once......"
echo "Number of: $LOGNAME user logged in: $no_of_users"
echo "exiting......"
sleep 2
exit 1
else
exec .....
fi



Rgds
Alexander M. Ermes
.. and all these memories are going to vanish like tears in the rain! final words from Rutger Hauer in "Blade Runner"
Reply
Brendan Newport
Frequent Advisor

‎05-30-2001 11:39 PM

‎05-30-2001 11:39 PM

Re: Restricting users to one login session

You could give this a try;

last -R | grep -v grep |grep $USER | grep "still logged in"
if [ $? = 0 ]
then
exit
fi

The routine would go in individual users login scripts, or in /etc/profile with a case routine to identify users you don't want to have multiple logins (or you could perform it on a particular group by checking the $USER(s) GID in /etc/passwd ;
"It doesn't have to be like this. All we need to do is make sure we keep talking"(Dave Gilmour)
0 Kudos
Reply
Stefan Farrelly
Honored Contributor

‎05-30-2001 11:39 PM

‎05-30-2001 11:39 PM

Re: Restricting users to one login session

Heres a couple of ways of preventing multiple logins;

SOLUTION 1:
Heres a script to test for multiple logins, just call it from /etc/profile

nologin()
{
#nologin - test for user name already logged in
num=1
u=$LOGNAME
if [ "$u" = "" -o "$u" = "root" ]
then
num=1
else
num=`who| cut -d" " -f1|grep "^$LOGNAME"$|wc -l`
fi

if [ $num -gt 1 ]
then
echo yours would be login number $num of name $LOGNAME
echo this is a big no-no!
echo please assign password to your login
echo if somebody else used your name, notify D.P. department
echo it is vital to the system\'s well being to know who the users are
echo it is with a heavy processor, that i have to deny you access.
echo have a nice day nevertheless - HAL very junior
exit
#else
# echo you are the one and only $LOGNAME - enjoy!

fi
}

SOLUTION 2:
"We use idled which works very well for both session limitations, multiple user viloations and idle limitations. You can obtain the source from ftp.cs.hope.edu in /pub/idled . This compiles just fine, and installs. This solution has idle limitations, or multiple user and session limitations, depending on which you want to use.
Im from Palmerston North, New Zealand, but somehow ended up in London...
Reply
Stephen Tatrai
Advisor

‎05-31-2001 06:40 AM

‎05-31-2001 06:40 AM

Re: Restricting users to one login session

We use

if (( $( who | grep -c $LOGNAME ) > 1 ) then
print "You [$LOGNAME] are currently logged into another session. You cannot log in to more than one session at a time. Please log out of the other session before you start another. "
exit 1
fi
Reply
Don Bentz
Regular Advisor

‎05-31-2001 07:10 AM

‎05-31-2001 07:10 AM

Re: Restricting users to one login session

Caution: Try it for yourself to be sure, but the "last -R | grep still..." solution will show you users who MAY or MAY NOT actually be logged in.
Insecurity is our friend. It keeps you dependent.
Reply
Greg Conn
Advisor

‎06-01-2001 03:02 PM

‎06-01-2001 03:02 PM

Re: Restricting users to one login session

# Check for multiple logins

if [ -x "/usr/bin/whoami" ]
then
WHOAMI=`whoami`

if [ "$WHOAMI" = "root" -o "$WHOAMI" = "bogie" -o "$WHOAMI" = "haninged" -o "$WHOAMI" = "opc_op" -o "$WHOAMI" = "opc_ncc" -o "$WHOAMI" = "osborna" -o "$WHOAMI" = "greyson" ]
then
:
else

# if [ `who | grep ^$WHOAMI | wc -l` -gt 1 ]
if [ `who | grep -c "^$WHOAMI"` -gt 1 ]
then
echo "\n\n W A R N I N G !"
echo "\nYou can't log in now because someone is logged"
echo "in with this user ID. If you think that"
echo "someone is using your account, please contact"
echo "the Shift Manager immediately....\n\n"
sleep 20
exit 1
fi
fi
fi
0 Kudos
Reply
Thierry Poels_1
Honored Contributor

‎06-02-2001 12:48 AM

‎06-02-2001 12:48 AM

Re: Restricting users to one login session

Hi,
something to think about:
putting restrictions in the users .profile is not fullproof (/foolproof:). The user can allways change his .profile when he has write privileges in his home directory, even if file privileges are limited or the owner has been changed.
The way to go is through /etc/profile, but mind not to put restrictions for root or other system logins.
BTW I was allways able to surround limitations set up by sysadmins years ago when I was a programmer; so now as a sysadmin I now the tricks of the trade ;-).
regards,
Thierry
All unix flavours are exactly the same . . . . . . . . . . for end users anyway.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.