HPE Community
Operating System - HP-UX
1825668 Members
3408 Online
109686 Solutions
New Discussion

Session limitations and who substitutions

 
SOLVED
Go to solution
Global Server Operation
Frequent Advisor

‎09-26-2003 04:02 AM

‎09-26-2003 04:02 AM

Session limitations and who substitutions

On our HP box HP 11.11, it seems that the machine is not always cleaning up interactive session and shells when users disconnect.
Any idea why HP-UX isn't shutting these processes down? Each user is allowed a maximum of 4 sessions. The customer uses a script to monitor session limits for each user. The scripts uses the WHO command to report sessions for users. The problem is sometimes the output from the who command is not accurate because the /etc/utmp file can get corrupted for the reasons stated at the beginning of this message. The customer realizes that HP cannot control this, there questions are :
1) Is there an alternative to "who" to determine the number of sessions a user has active?
2) A way to limit Unix user logons?

0 Kudos
Reply
4 REPLIES 4
Mark Grant
Honored Contributor

‎09-26-2003 04:04 AM

‎09-26-2003 04:04 AM

Re: Session limitations and who substitutions

ps -ef | grep username | grep "-sh" might work. "-sh" signifies a top level login shell.
Never preceed any demonstration with anything more predictive than "watch this"
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎09-26-2003 04:09 AM

‎09-26-2003 04:09 AM

Re: Session limitations and who substitutions

How are the users accessing the HP box? Our users run RelectionX emulation software on their PC and a number of the slower learners can't seem to get the hang of logging out properly - they just close the Reflection window, leaving all their Unix processes hanging.


Pete


Pete
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎09-26-2003 11:40 AM

‎09-26-2003 11:40 AM

Solution

Re: Session limitations and who substitutions

As Pete mentioned, there may a number of PC users that just kick the power button when they leave rather than performing a proper logout. This is problematic for Xwindows since a lot of Xwindow programs fail to check the availability of the Xwindow server (the PC's display) and will hang. Note also that there a are many ways to login to HP-UX. telnet is the most common but remsh/rlogin, ssh, ftp, etc so you need to define a session.

Typically a telnet session will always run through /etc/profile and this is a good place to check for logins. As mentioned, who depends on /etc/utmp which can get corrupted so a better way is to ask ps to search for login shells (assuming your users are using telnet or ssh) for a specific user. When each user logs in, /etc/profile will have the variable LOGNAME set so:

USERLOGINS=$(UNIX95= ps -u$LOGNAME -o comm | grep "-" | wc -l)

Now $USERLOGINS will be the number of login shells. To see how this works, separate the lines:

UNIX95= ps -u$LOGNAME -o comm
UNIX95= ps -u$LOGNAME -o comm | grep "-"

You can substitute any user name for testing. In /etc/profile, once the code is working, if the user has $USERLOGINS equal to 4 or more, echo an error message and exit. This is a lot more reliable (and much less overhead) than using who.


Bill Hassell, sysadmin
Reply
Global Server Operation
Frequent Advisor

‎09-27-2003 04:32 PM

‎09-27-2003 04:32 PM

Re: Session limitations and who substitutions

Thanks to all that replied. As I always, you guys have come thru for me. Bill you have helped me so much in the past. Everyone else I look to hearing from you in the future. Again Thanks. I will assign points.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.