From owner-freebsd-stable Tue Sep 25 5: 3:25 2001 Delivered-To: freebsd-stable@freebsd.org Received: from bleys.tpgi.com.au (bleys.tpgi.com.au [203.12.160.38]) by hub.freebsd.org (Postfix) with ESMTP id AC86137B408 for ; Tue, 25 Sep 2001 05:03:18 -0700 (PDT) Received: (from smtpd@localhost) by bleys.tpgi.com.au (8.11.2/8.11.2) id f8PC3G914022; Tue, 25 Sep 2001 22:03:16 +1000 Received: from buffy.tpgi.com.au(203.12.160.34) via SMTP by bleys.tpgi.com.au, id smtpdNTTFva; Tue Sep 25 22:03:15 2001 Received: (from smtpd@localhost) by buffy.tpgi.com.au (8.9.3/8.9.3) id WAA27640; Tue, 25 Sep 2001 22:03:13 +1000 Received: from muras-remote149.ocs.mq.edu.au(137.111.7.163), claiming to be "tpgi.com.au" via SMTP by buffy.tpgi.com.au, id smtpdkTdcYc; Tue Sep 25 22:03:02 2001 Message-ID: <3BB0725E.6EFDF7D1@tpgi.com.au> Date: Tue, 25 Sep 2001 22:02:38 +1000 From: eirvine X-Mailer: Mozilla 4.6 [en] (Win98; I) X-Accept-Language: en MIME-Version: 1.0 To: Andrea Di Giovanni Cc: freebsd-stable@FreeBSD.ORG Subject: Re: login class References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi Andrea, This comes up from time to time. Unfortunately, not all the parameters in login.conf actually work... However, I find enough of them work to make it useful - In particular, I have used CPU time to great advantage in the past to terminate "stuck" sessions. Eddie. Andrea Di Giovanni wrote: > > Hi, > > I have some trouble with login.conf, > > I set up a 'restricted' profile as follows: > > <--->8---> > restricted:\ > :passwd_format=blf:\ > :copyright=/etc/COPYRIGHT:\ > :welcome=/etc/motd:\ > :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ > :path=~/bin /bin /usr/bin /usr/local/bin:\ > :manpath=/usr/share/man /usr/local/man:\ > :nologin=/var/run/nologin:\ > :cputime=1h30m:\ > :datasize=8m:\ > :stacksize=2m:\ > :memorylocked=4m:\ > :memoryuse=8m:\ > :filesize=8m:\ > :coredumpsize=8m:\ > :openfiles=24:\ > :maxproc=32:\ > :priority=0:\ > :requirehome:\ > :umask=002:\ > :sessionlimit=3:\ > :sessiontime=2h:\ > :idletime=15m:\ > :gracetime=3m:\ > :passwordtime=60d:\ > :minpasswordlen=8:\ > :warnpassword=2w:\ > :warntime=5m:\ > :mixpasswordcase: > # :ignoretime@: > <--->8---> > > then I added a 'testuser' to my system with this login class. > > This is the output of ulimit -a command for 'testuser': > > core file size (blocks) 8192 > data seg size (kbytes) 8192 > file size (blocks) 8192 > max locked memory (kbytes) 4096 > max memory size (kbytes) 8192 > open files 24 > pipe size (512 bytes) 1 > stack size (kbytes) 2048 > cpu time (seconds) 5400 > max user processes 32 > virtual memory (kbytes) 10240 > ... > also passwd_format, minpasswordlen and mixpasswordcase works fine... > > but others directives like > :sessionlimit=3:\ > :sessiontime=2h:\ > :idletime=15m:\ > :warntime=5m:\ > > doesn't work at all! > > Infact I was able to open more then 3 ssh concurrent session for 'testuser' > In these session I didn't send any keystrokes for up two hours > and the session was still active without any warn message! > > Where is my mistake? > > Tanks > > Andrea Di Giovanni > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message