Date: Sun, 15 Jul 2001 19:00:43 -0600 (CST) From: Ryan Thompson <ryan@sasknow.com> To: James Wyatt <jwyatt@rwsystems.net> Cc: Kal Torak <kaltorak@quake.com.au>, =?iso-8859-1?Q?Mat=EEss?= Elsbergs <sandstorm@astranet.lv>, Marc Veldman <freebsd@lurkie.xs4all.nl>, freebsd-isp@FreeBSD.ORG Subject: Re: Background processes limiting Message-ID: <Pine.BSF.4.21.0107151840080.61534-100000@ren.sasknow.com> In-Reply-To: <Pine.BSF.4.10.10107150907380.46742-100000@bsdie.rwsystems.net>
next in thread | previous in thread | raw e-mail | index | archive | help
James Wyatt wrote to Kal Torak: > On Sun, 15 Jul 2001, Kal Torak wrote: > > Why not just make .logout owned by root? Only give the users group read > > access... That should work, just have a killall -m . -9 or something > > like that in there... > > > > Then just have your cron job running every so often to clean up anything > > that might of somehow slipped though the cracks... > > If the file is owned by root, but in a directory owned by joe.user, > then Joe can easily 'rm' the file himself. I liked the idea of using a > .logout, but having a cron job 1) ensure the few processes missed by > ".logout"s get caught and addressed, 2) report users who have removed > or altered their .logout files, and 3) regenerate any altered or > deleted .logout files. I simply put "schg uunlnk /home/$user/.logout" into our automated user creation scripts after the skel files are copied. Works like a charm. If you want to do this in past-tense to an existing user base (this assumes all user accounts are off of a common home directory--repeat this step for alternate home roots) 1) Create a suitable .logout file that fits your purposes. I'll assume it is named .logout, in the current working directory Use the following slick little command: apply 'install -c -m 0555 -o 0 -g 0 -f uunlnk .logout' /home/*/ That will install a copy of the file .logout from the current directory, everyone read/exec, owned by root:wheel, user unlink flag set, into each directory off of /home/. Fun, huh? If everyone already has .logout files and you just want to set the flags: chflags uunlnk /home/*/.logout Depending on the number of users, these commands may take a while to complete, so be warned ;-) If you want to allow your users to customize their .logout files, have the default .logout script exec something like ~/dot.logout at a suitable time during the script. If you only want to allow certain people to do this (say, staff members, with UID < 1000), just wrap the call to dot.logout in an if statement: if [ $UID -lt 1000 ]; then # Call user defined logout ~/dot.logout fi Some shells recognize system-wide logout files... But the above approach ensures that the user can not override system default logout conditions. > Too bad there isn't a syste-wide .logout file something like > /etc/logout to match the /etc/profile for logins. (or is there?) - Jy@ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > -- Ryan Thompson <ryan@sasknow.com> Network Administrator, Accounts SaskNow Technologies - http://www.sasknow.com #106-380 3120 8th St E - Saskatoon, SK - S7H 0W2 Tel: 306-664-3600 Fax: 306-664-1161 Saskatoon Toll-Free: 877-727-5669 (877-SASKNOW) North America To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0107151840080.61534-100000>