HPE Community
Operating System - HP-UX
1834461 Members
2557 Online
110067 Solutions
New Discussion

User logon session doesn’t expire, even if left the system logged on for a long time.

 
SOLVED
Go to solution
senthil_kumar_1
Super Advisor

‎06-16-2009 07:37 AM

‎06-16-2009 07:37 AM

User logon session doesn’t expire, even if left the system logged on for a long time.

Hi

I am using Hpux and linux (redhat and suse).

How to make expiring the system automatically for terminal login [hpux (rlogin / telnet) and linux (ssh)] and xmanger / vnc login (GUI).


how to solve this problem.

0 Kudos
Reply
44 REPLIES 44
Steven E. Protter
Exalted Contributor

‎06-16-2009 07:48 AM

‎06-16-2009 07:48 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Shalom,

set the TMEOUT paramter.

This will work for terminal sessions.

But if you run an application after that it will not time out because most applications keep the terminal session thinking there is activity unless they themselves have idle time outs.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
OldSchool
Honored Contributor

‎06-16-2009 07:58 AM

‎06-16-2009 07:58 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Depends upon the shell (bash, bourne shell, ksh, csh or ??) the user isrunning, not the method of getting it (ssh/telnet/rlogin)

posix, ksh and bash have the TMOUT variable. Note this only works when the the user is sitting at a "PS1" prompt. If they've left something open, say "vi" or an app, I don't believe this works.

sh and csh don't have that ability at all as far as I can tell.

CDE / graphical sessions, see:
http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1254173
Reply
Mel Burslan
Honored Contributor

‎06-16-2009 08:06 AM

‎06-16-2009 08:06 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

As Old school suggested, the TMOUT variable is only applicable to a handful of shells and if you seem busy, like editing a file in vi, even if you are performing no activity, it prevents the timeout from taking effect.

Our network team has a more drastic solution to this problem. I can not say I like the way they do it but security guidelines force them to kill any sessions which are inactive for more than 3600 seconds, by killing the connection between the server and the client. It caused a lot of headaches for long running installations and such, but a necessary evil in my opinion. It is all done at the firewall level and we, as sysadmins, have no control over it. If you have an audit requirement for doing this, talk to your firewall people.
________________________________
UNIX because I majored in cryptology...
Reply
Dennis Handly
Acclaimed Contributor

‎06-16-2009 08:40 AM

‎06-16-2009 08:40 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

>OldSchool: sh and csh don't have that ability at all as far as I can tell.

sh == posix shell on HP-UX.
Hmm, I thought the scummy C shell has a similar variable but I can't find it.
Reply
James R. Ferguson
Acclaimed Contributor

‎06-16-2009 08:44 AM

‎06-16-2009 08:44 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Hi:

For that scummy C-shell the equivalent of the Posix TMOUT is 'autologout'.

Regards!

...JRF...
Reply
senthil_kumar_1
Super Advisor

‎06-16-2009 08:51 AM

‎06-16-2009 08:51 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Hi

I am using following shells

sh - for HP-Unix
bash - for linux (redhat / suse).

How, where (which file) and what parameter to be set for above mentioned OS.
0 Kudos
Reply
Michael Steele_2
Honored Contributor

‎06-16-2009 08:57 AM

‎06-16-2009 08:57 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

TMOUT for posix, HP-UX sh. To check current value, echo $TMOUT from command line. To automate for all users, /etc/profile and add a line anywhere like so:

export TMOUT=3600 (* in seconds, always. 3600 = one hour *)

Support Fatherhood - Stop Family Law
Reply
Dennis Handly
Acclaimed Contributor

‎06-16-2009 09:01 AM

‎06-16-2009 09:01 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

>Michael: export TMOUT=3600 (* in seconds, always. 3600 = one hour *)

If you use the following you don't have to document it: ;-)
export TMOUT=$(( 1 * 60 * 60 ))

If you are feeling really evil, you can make the variable readonly so users can't change it.
readonly TMOUT
Reply
James R. Ferguson
Acclaimed Contributor

‎06-16-2009 09:06 AM

‎06-16-2009 09:06 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Hi (again) Senthil:

For your 'bash' shell, 'TMOUT' should also apply. Set it as you see fit in your '${HOME}/.bashrc'.

Regards!

...JRF...
Reply
Steven E. Protter
Exalted Contributor

‎06-16-2009 09:08 AM

‎06-16-2009 09:08 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

My original foray into this fun was adabas and natural

I had to set the database timeout to 30 minutes by fiat from cranky users.

Then I had to set the natural timeout, which didn't run concurrently to 5 minutes.

Then the user got dumped to a command line and the TMOUT paramter started to work.

As the saying goes. Your mileage may vary.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Suraj K Sankari
Honored Contributor

‎06-16-2009 09:19 AM

‎06-16-2009 09:19 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Hi,
See the below link

http://www.unix.com/hp-ux/12816-timeout.html

Suraj
Reply
OldSchool
Honored Contributor

‎06-16-2009 12:46 PM

‎06-16-2009 12:46 PM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Dennis ==> "sh == posix shell on HP-UX."


yeah, but I'm used to 11.0 and earlier, where "old" sh and posix-sh were installed...
Reply
OldSchool
Honored Contributor

‎06-16-2009 12:51 PM

‎06-16-2009 12:51 PM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Mel said "Our network team has a more drastic solution to this problem."

I've seen similar. There used to be a script floating around called "idleout" which would find all non-root processes and sort them by user and idle time(descending).

it looked at a config file, and if it found the longest idle time for a given user exceeded the limit set for that user in the config, it would start killing processes.

did wonderful things the first time they put it on a server supporting xwindow apps
Reply
James R. Ferguson
Acclaimed Contributor

‎06-16-2009 01:02 PM

‎06-16-2009 01:02 PM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Hi (again):

> OldSchool: yeah, but I'm used to 11.0 and earlier, where "old" sh and posix-sh were installed...

Yes, the old Bourne shell lives (lived) as '/usr/old/bin/sh' whereas the Posix shell is (of course) '/usr/bin/sh' and '/sbin/sh'.

The old Bourne shell was (last) available in 11.11.

Regards!

...JRF...
Reply
senthil_kumar_1
Super Advisor

‎06-17-2009 10:51 AM

‎06-17-2009 10:51 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Hi All,

I am using HPUX 10.20, 11.00, 11.11.

I have enter following in /root/.profile

TMOUT=10
readonly TMOUT
export TMOUT

I used rlogin session. my session is not disconnecting automatically.

But the above variables is working fine in linux (/root/.bashr).

How to solve this.
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎06-17-2009 10:57 AM

‎06-17-2009 10:57 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Hi (again) Senthil:

> I used rlogin session. my session is not disconnecting automatically.

And as OldSchool said, are you sitting at the PS1 prompt?

Regards!

...JRF...
Reply
senthil_kumar_1
Super Advisor

‎06-17-2009 11:30 AM

‎06-17-2009 11:30 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Hi Jason,

I can not understand your comments.

for your reference.


root@lgsna:/etc/skel > who
opsmgr pts/ta Jun 17 14:23
root pts/0 Jun 17 13:39

root@lgsna:/etc/skel > echo $PS1
root@lgsna:$PWD >
0 Kudos
Reply
Steven Schweda
Honored Contributor

‎06-17-2009 01:38 PM

‎06-17-2009 01:38 PM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

> export TMOUT=[...]

Any reason to _export_ this thing which the
"man" page calls a "parameter" (that is, a
shell variable, not an environment variable)?
Who other than the shell would care what it
might be?
Reply
Dennis Handly
Acclaimed Contributor

‎06-18-2009 12:45 AM

‎06-18-2009 12:45 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

>Steven: Any reason to _export_ this thing ... Who other than the shell would care what it
might be?

A subshell? Otherwise you could easily defeat it by typing ksh or sh.
Reply
senthil_kumar_1
Super Advisor

‎06-18-2009 06:22 AM

‎06-18-2009 06:22 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Hi All,

Still i am not able to set the time out variable.

Pls look at my configurations.

1) # vi /root/.profile

export TMOUT=[10]

2) root@lgsna:/root > echo $SHELL
/sbin/sh

3) root@lgsna:/root > env | grep -i TMOUT
No Output.

How to solve this problem

It is very urgent.

0 Kudos
Reply
Sunny123_1
Esteemed Contributor

‎06-18-2009 06:32 AM

‎06-18-2009 06:32 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Hi

could you provide the output of

#echo $TMOUT


Regards
Sunny
Reply
OldSchool
Honored Contributor

‎06-18-2009 06:54 AM

‎06-18-2009 06:54 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

for the hpux box that is giving you problems:
1) check the password file to see which shell is actually being run
2) check the "man" page for that shell to see if TMOUT is supported.
3) which is it, as you wrote:
"export TMOUT=[10]" one place
and
"TMOUT=10
readonly TMOUT
export TMOUT"
another
Reply
senthil_kumar_1
Super Advisor

‎06-18-2009 08:46 AM

‎06-18-2009 08:46 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Hi

root@lgsna:/root > echo $TMOUT
0


I have tried both the entries in /root/.profile file.


"export TMOUT=[10]" one place
and
"TMOUT=10
readonly TMOUT
export TMOUT"

But it is not working fine.
0 Kudos
Reply
Sunny123_1
Esteemed Contributor

‎06-18-2009 08:55 AM

‎06-18-2009 08:55 AM

Re: User logon session doesn’t expire, even if left the system logged on for a long time.

Hi

Do
TMOUT=10 or [10]
export TMOUT
echo $TMOUT

and post the output.


Regards
Sunny
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.