Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 14 Apr 2000 13:37:09 -0700 (PDT)
From:      Bhishan Hemrajani <bhishan@cytosine.dhs.org>
To:        James Halstead <halstead@dreamscape.com>
Cc:        freebsd-hackers@freebsd.org
Subject:   Re: login.conf question
Message-ID:  <200004142037.e3EKb9R37103@cytosine.dhs.org>
In-Reply-To: <Pine.BSI.4.21.0004141133400.21226-100000@nova.dreamscape.com> from James Halstead at "Apr 14, 2000 12:01:28 pm"

next in thread | previous in thread | raw e-mail | index | archive | help
Instead of using sessionlimit, why don't you limit the number of processes.

That way, the number of shells that they can have is limited also.

--bhishan

> 
> That might make sence at first, but that should still keep one person from
> logging in more than 4 times. Also i tested the session time and that is
> not working either so that makes me think there is something else i am
> missing.
> 
> Besides the maxproc will pretty much limit them anyway ;) although that
> might make for more questions about why they can't run any programs when
> they have too many logins. Owell, I have yet to have anybody actually try
> to log in that many times. 
> 
> Perhaps there is something else i am forgetting to enable this? maby a
> kernal option or sysctl?
> 
>  On Thu, 13 Apr 2000, Bhishan
> Hemrajani wrote:
> 
> > >From "man login.conf":
> >      sessiontime       time                Maximum login time per session.
> >      sessionlimit      number              Maximum number of concurrent login
> >                                            sessions on ttys in any group.
> > 
> > It seems here that session limit is on a per group basis.
> > 
> > Try making a couple users, then logging in with each of those users.
> > I think that's what it might be limiting.
> > 
> > --bhishan
> > 
> > [Charset iso-8859-1 unsupported, filtering to ASCII...]
> > > Bhishan Hemrajani wrote:
> > > 
> > > 
> > > > Alright, a couple things come to mind here.
> > > >
> > > > 1. Did you make the database? (# cap_mkdb /etc/login.conf)
> > > 
> > > Yes i made sure to do this ;)
> > > 
> > > > 2. Did you add the user to the class (# chfn user)
> > > >    (and then put the class name in the class field)
> > > 
> > > also yes (chpass)
> > > 
> > > > 3. If you did do that, login as the user (not su), and
> > > >    type "limit" and give me an output.
> > > 
> > > % limit
> > > cputime         1:00:00
> > > filesize        5120 kbytes
> > > datasize        10240 kbytes
> > > stacksize       10 kbytes
> > > coredumpsize    1024 kbytes
> > > memoryuse       10240 kbytes
> > > memorylocked    5120 kbytes
> > > maxproc         12
> > > openfiles       20
> > > 
> > > that's odd, it dosn't mention the session limits. I knew that the other
> > > limits worked, I tested them with a forkbomb, a mallocbomb and an infinitly
> > > recursive program just to see what would happen. fork and malloc failed
> > > expectedly and the infinit recursion segfaults after about 5400 recursions.
> > > 
> > > Unless there is a problem with my login.conf or there is an option somewhere
> > > that i have to enable I don't know why the sessionlimit and idletime don't
> > > work (although i haven't tested the idletime)
> > > 
> > > >
> > > > --bhishan
> > > > >
> > > > > hey out there!
> > > > > This is my first time doing someting like an i am having problems
> > > > > with one part. The session limit does not seem to be working. My
> > > > > understanding was that this was a hard limit for the number of
> > > > > simutanious logins a person may have. I created a test account and
> > > > > was able to have 6 logins open even though the limit is set to 4.
> > > > > Also I am curious if i set the idletime and warntime right, and if i
> > > > > need to have the accounting enabled in order for things to work.
> > > > >
> > > > > thanks for any help.
> > > > >
> > > > > James
> > > > >
> > > > > - ---- begin login.conf ----
> > > > >
> > > > > # login.conf - login class capabilities database.
> > > > > # After each edit don't forget to run:
> > > > > # cap_mkdb /etc/login.conf
> > > > >
> > > > > #defaults - defaults for all users except root
> > > > > # NOTE: default gives no recource limits!!
> > > > >
> > > > > default:\
> > > > >  :cputime=unlimited:\
> > > > >  :filesize=unlimited:\
> > > > >  :datasize=unlimited:\
> > > > >  :stacksize=unlimited:\
> > > > >  :coredumpsize=unlimited:\
> > > > >  :memoryuse=unlimited:\
> > > > >  :memorylocked=unlimited:\
> > > > >  :maxproc=unlimited:\
> > > > >  :openfiles=unlimited:\
> > > > >  :manpath=/usr/share/man /usr/local/man:\
> > > > >  :nologin=/var/run/nologin:\
> > > > >  :path=~/bin /usr/local/bin /usr/bin /bin:\
> > > > >  :priority=0:\
> > > > >  :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\
> > > > >  :term=vt100:\
> > > > >  :umask=022:\
> > > > >  :welcome=/etc/motd:\
> > > > >  :minpasswordlen=8:\
> > > > >  :copyright=/etc/COPYRIGHT:\
> > > > >  :idletime=unlimited:\
> > > > >  :sessionlimit=unlimited:
> > > > >
> > > > > #root - make absolutly sure root can do anything.
> > > [snip]
> > > cstudent is the class that i am working with
> > > > > #cstudent - limit the recources for c class students.
> > > > > cstudent:\
> > > > >  :accounted:\
> > > > >  :cputime=1h:\
> > > > >  :filesize=5m:\
> > > > >  :datasize=10m:\
> > > > >  :stacksize=10k:\
> > > > >  :coredumpsize=1m:\
> > > > >  :memoryuse=10m:\
> > > > >  :memorylocked=5m:\
> > > > >  :maxproc=12:\
> > > > >  :openfiles=20:\
> > > > >  :requirehome:\
> > > > >  :umask=077:\
> > > > >  :sessionlimit=4:\
> > > > >  :idletime=3h:\
> > > > >  :warntime=2h45m:\
> > > > >  :tc=default:
> > > [snip]
> > > > > - ---- end login.conf ----
> > > > > - -------------------------------------------------------
> > > > > For my public key please visit:
> > > > > http://www.dreamscape.com/halstead/jh.asc
> > > > > - -------------------------------------------------------
> > > 
> > > 
> > 
> 
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200004142037.e3EKb9R37103>