Date: Tue, 25 Sep 2001 22:02:38 +1000 From: eirvine <eirvine@tpgi.com.au> To: Andrea Di Giovanni <digiovannia@hotmail.com> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: login class Message-ID: <3BB0725E.6EFDF7D1@tpgi.com.au> References: <OE37ATGcOogDur0KhCf0000344a@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Andrea, This comes up from time to time. Unfortunately, not all the parameters in login.conf actually work... However, I find enough of them work to make it useful - In particular, I have used CPU time to great advantage in the past to terminate "stuck" sessions. Eddie. Andrea Di Giovanni wrote: > > Hi, > > I have some trouble with login.conf, > > I set up a 'restricted' profile as follows: > > <--->8---> > restricted:\ > :passwd_format=blf:\ > :copyright=/etc/COPYRIGHT:\ > :welcome=/etc/motd:\ > :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ > :path=~/bin /bin /usr/bin /usr/local/bin:\ > :manpath=/usr/share/man /usr/local/man:\ > :nologin=/var/run/nologin:\ > :cputime=1h30m:\ > :datasize=8m:\ > :stacksize=2m:\ > :memorylocked=4m:\ > :memoryuse=8m:\ > :filesize=8m:\ > :coredumpsize=8m:\ > :openfiles=24:\ > :maxproc=32:\ > :priority=0:\ > :requirehome:\ > :umask=002:\ > :sessionlimit=3:\ > :sessiontime=2h:\ > :idletime=15m:\ > :gracetime=3m:\ > :passwordtime=60d:\ > :minpasswordlen=8:\ > :warnpassword=2w:\ > :warntime=5m:\ > :mixpasswordcase: > # :ignoretime@: > <--->8---> > > then I added a 'testuser' to my system with this login class. > > This is the output of ulimit -a command for 'testuser': > > core file size (blocks) 8192 > data seg size (kbytes) 8192 > file size (blocks) 8192 > max locked memory (kbytes) 4096 > max memory size (kbytes) 8192 > open files 24 > pipe size (512 bytes) 1 > stack size (kbytes) 2048 > cpu time (seconds) 5400 > max user processes 32 > virtual memory (kbytes) 10240 > ... > also passwd_format, minpasswordlen and mixpasswordcase works fine... > > but others directives like > :sessionlimit=3:\ > :sessiontime=2h:\ > :idletime=15m:\ > :warntime=5m:\ > > doesn't work at all! > > Infact I was able to open more then 3 ssh concurrent session for 'testuser' > In these session I didn't send any keystrokes for up two hours > and the session was still active without any warn message! > > Where is my mistake? > > Tanks > > Andrea Di Giovanni > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BB0725E.6EFDF7D1>