Re: script help please

Nick D'Angelo · ‎01-31-2002

Below is a script that is a combination of two scripts and it will not work.

What I am trying to do is to limit logins so that users that like to walk around to different pc's and telnet from different IP addresses, will be prevented from doing so.

I want to limit their logins if they are already logged in from another ip address.

I have a problem with a 'fi' but I it has me.

here is the script:

_______________
if [ -x "/usr/bin/whoami" ]
then
WHOAMI=`whoami`

if [ "$WHOAMI" = "root" -o "$WHOAMI" = "nickd" ]
then
:
else
IPLIST=`who -u|tr -s " "|cut -d" " -f8`
THISIP=`who -um | tr -s " " | cut -d" " -f8`
LOGCOUNT=0
for IP_ADDY in `echo $IPLIST` ; do
if [ "${IP_ADDY}" -eq "${THISIP}" ]; then
((LOGCOUNT = LOGCOUNT +1 ))

echo $LOGCOUNT
if [ $LOGCOUNT -gt 1 ] then
echo "You are already logged on in more than one place"
exit
fi

here is the script:

Always learning

Madhu Sudhan_1 · ‎01-31-2002

I haven't really checked if the script is working from functionality stand point. Instead just "fi" ed.

Thanks,

Think Positive

Steve Steel · ‎01-31-2002

Hi

If you are going to limit logins why check for ip's

You can prevent a user from logging in multiple times by
placing the following lines in the user's .profile:

# Limit number of logins allowed
Times_allowed=2
Time_in=`who | grep $LOGNAME | wc -l`
if [ $Time_in -gt "$Times_allowed" ]
then
echo "$LOGNAME is already logged in $Times_allowed times!"
exit
exec /bin/login
fi

chmod 444 and chown root .profile

If the user attempts to login while that login name is already in
use, the user will get logged out again. A limited number of multiple
logins can be allowed by changing the times_allowed to the acceptable
number of logins.

This should also be ok in the /etc/profile.

Whever they login from they come through these scripts.

Steve Steel

If you want truly to understand something, try to change it. (Kurt Lewin)

John Palmer · ‎01-31-2002

Hi,

The script that you posted is actually missing three 'fi's and a 'done'.

I think that this bit should read:

((LOGCOUNT = LOGCOUNT +1 ))
fi
done

You also need two fi's at the end to close:

if [ "$WHOAMI" = "root" -o "$WHOAMI" = "nickd" ]
and
if [ -x "/usr/bin/whoami" ]

Regards,
John

Robin Wakefield · ‎01-31-2002

Hi Nick,

You have one "done" and a few "fi" statements missing, and the line:

if [ "${IP_ADDY}" -eq "${THISIP}" ]; then

should be:

if [ "${IP_ADDY}" = "${THISIP}" ]; then

=====================================
if [ -x "/usr/bin/whoami" ]
then
WHOAMI=`whoami`
fi

if [ "$WHOAMI" = "root" -o "$WHOAMI" = "nickd" ]
then
:
else
IPLIST=`who -u|tr -s " "|cut -d" " -f8`
THISIP=`who -um | tr -s " " | cut -d" " -f8`
LOGCOUNT=0
for IP_ADDY in `echo $IPLIST` ; do
if [ "${IP_ADDY}" = "${THISIP}" ]; then
((LOGCOUNT = LOGCOUNT +1 ))

echo $LOGCOUNT

if [ $LOGCOUNT -gt 1 ] ; then
echo "You are already logged on in more than one place"
exit
fi
fi
done
fi
=====================================

Rgds, Robin.

Nick D'Angelo · ‎02-08-2002

Robin,

your script is close, but there is a "then" that is not matched.

??

Always learning

James R. Ferguson · ‎02-08-2002

Hi Nick:

Did you cut-and-paste Robin's script? -- it's fine.

Regards!

...JRF...

Nick D'Angelo · ‎02-08-2002

Gents,

Yes I copied Robin's script and I get an error mesg:

Syntax error: `then` is not matched.

??

Always learning

Nick D'Angelo · ‎02-08-2002

here is my /etc/profile for your review.

I thought this might save some emails from going around.

Much appreciated.

Always learning

Tom Danzig · ‎02-08-2002

This is a section of a script to do something similar and while back. Sorry it's in csh. Thats what I used to write in. I've since learned better ;)

#!/usr/bin/csh

set username = `whoami`

# If display not set, get IP and set
if($?DISPLAY == 0) then
# Check for multiple logons of same user name. Warn if found.
if(`finger -R | grep $username | awk '{print $NF}' | sort -u | wc -w` > 1) then
echo "ERROR: User $username logged in on multiple terminals."
echo "Can't determine IP address where you are logged in."
exit 1
endif

James R. Ferguson · ‎02-08-2002

Hi Nick:

OK, it looks like you dropped a 'fi' at line number 163.

Add 'fi' so the last part reads:

# Change the backup tape

if [ -r /tmp/changetape ]
then echo "\007\nYou are the first to log in since backup:"
echo "Please change the backup tape.\n"
rm -f /tmp/changetape
fi

fi # <<<--- THIS WAS MISSING !!!
# Leave defaults in user environment.

Regards!

...JRF...

Nick D'Angelo · ‎02-10-2002

Cheers James and many thanks.

Nickd

Always learning

Nick D'Angelo · ‎02-20-2002

Sorry all, one more time.

The last script that I received from James works,except for one problem.

It locks everyone out completely except for the exception list.

Always learning

Mark Fenton · ‎02-20-2002

Nick,

James is right in that there is an unmatched if in your script.

I think the place to stick it, though is at the end of the section where you are testing for VUE environment stuff, right before the test for logins.

Counting if s and fi s to ensure they balance is a pain, but not being able to log in is worse......

hth

Nick D'Angelo · ‎02-20-2002

All,

I did include that last fi, and the script works, but not as designed.

It locks everyone out, except the users listed on the exception list.

I have attached the profile for your review.

Thanks for your time,

Nd

Always learning

Nick D'Angelo · ‎02-26-2002

All,

Should I re-post this?

Nickd

Always learning

Bryan_6 · ‎02-26-2002

Try this... I just modified the login limit section in your profile script:

# Limit logins to 2

USER=`logname`
LOGINS=`who -H | grep -c $USER`

### Debug info...
print "Current logins: $LOGINS"

### Search $USER for exceptions
ALLOWTHESE="rbudaric|pics|tladouce|nickd"
echo $USER | egrep "$SKIPTHESE"
rc=$?

if [ $rc -eq 1 ] ### If this user is not part of the exception list
then
if [ $LOGINS -gt 2 ]
then echo The maximum # of logins is 2
echo and you have already reached your limit.
echo
echo Nickd ext 278 Kanata
echo Pausing for 10 seconds
touch /tmp/$USER
/usr/sbin/sendmail $USER sleep 10
#sendmail $USER exit
fi
fi

Nick D'Angelo · ‎02-26-2002

Bryan,

Thanks for the tip, but I think we are missing the second part of my problem.

I also want to restrict users from using more than one computer (IP address) unless they are in the exception list.

I couldn't tell for sure, but I don't think your script does that, does it?

Nickd

Always learning

Bryan_6 · ‎02-26-2002

Sorry Nick - didn't look near the bottom of the script. I've attempted to come up with a solution for you...

I've tested this in my own .profile and it appears to work. Let me know...

Nick D'Angelo · ‎03-07-2002

Bryan,

Works like a charm.

The only problem is, all the files that it spawns in /tmp.

Does the script need those mailmesg files or can I delete them?

Thanks,

nickd

Always learning

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: script help please

script help please