From owner-freebsd-hackers Fri Apr 14 13:37:18 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from cytosine.dhs.org (cx272244-a.orng1.occa.home.com [24.1.177.149]) by hub.freebsd.org (Postfix) with ESMTP id 6C5A537B756 for ; Fri, 14 Apr 2000 13:37:13 -0700 (PDT) (envelope-from bhishan@cytosine.dhs.org) Received: (from bhishan@localhost) by cytosine.dhs.org (8.10.0/8.10.0) id e3EKb9R37103; Fri, 14 Apr 2000 13:37:09 -0700 (PDT) From: Bhishan Hemrajani Message-Id: <200004142037.e3EKb9R37103@cytosine.dhs.org> Subject: Re: login.conf question In-Reply-To: from James Halstead at "Apr 14, 2000 12:01:28 pm" To: James Halstead Date: Fri, 14 Apr 2000 13:37:09 -0700 (PDT) Cc: freebsd-hackers@freebsd.org X-Mailer: ELM [version 2.4ME+ PL61 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Instead of using sessionlimit, why don't you limit the number of processes. That way, the number of shells that they can have is limited also. --bhishan > > That might make sence at first, but that should still keep one person from > logging in more than 4 times. Also i tested the session time and that is > not working either so that makes me think there is something else i am > missing. > > Besides the maxproc will pretty much limit them anyway ;) although that > might make for more questions about why they can't run any programs when > they have too many logins. Owell, I have yet to have anybody actually try > to log in that many times. > > Perhaps there is something else i am forgetting to enable this? maby a > kernal option or sysctl? > > On Thu, 13 Apr 2000, Bhishan > Hemrajani wrote: > > > >From "man login.conf": > > sessiontime time Maximum login time per session. > > sessionlimit number Maximum number of concurrent login > > sessions on ttys in any group. > > > > It seems here that session limit is on a per group basis. > > > > Try making a couple users, then logging in with each of those users. > > I think that's what it might be limiting. > > > > --bhishan > > > > [Charset iso-8859-1 unsupported, filtering to ASCII...] > > > Bhishan Hemrajani wrote: > > > > > > > > > > Alright, a couple things come to mind here. > > > > > > > > 1. Did you make the database? (# cap_mkdb /etc/login.conf) > > > > > > Yes i made sure to do this ;) > > > > > > > 2. Did you add the user to the class (# chfn user) > > > > (and then put the class name in the class field) > > > > > > also yes (chpass) > > > > > > > 3. If you did do that, login as the user (not su), and > > > > type "limit" and give me an output. > > > > > > % limit > > > cputime 1:00:00 > > > filesize 5120 kbytes > > > datasize 10240 kbytes > > > stacksize 10 kbytes > > > coredumpsize 1024 kbytes > > > memoryuse 10240 kbytes > > > memorylocked 5120 kbytes > > > maxproc 12 > > > openfiles 20 > > > > > > that's odd, it dosn't mention the session limits. I knew that the other > > > limits worked, I tested them with a forkbomb, a mallocbomb and an infinitly > > > recursive program just to see what would happen. fork and malloc failed > > > expectedly and the infinit recursion segfaults after about 5400 recursions. > > > > > > Unless there is a problem with my login.conf or there is an option somewhere > > > that i have to enable I don't know why the sessionlimit and idletime don't > > > work (although i haven't tested the idletime) > > > > > > > > > > > --bhishan > > > > > > > > > > hey out there! > > > > > This is my first time doing someting like an i am having problems > > > > > with one part. The session limit does not seem to be working. My > > > > > understanding was that this was a hard limit for the number of > > > > > simutanious logins a person may have. I created a test account and > > > > > was able to have 6 logins open even though the limit is set to 4. > > > > > Also I am curious if i set the idletime and warntime right, and if i > > > > > need to have the accounting enabled in order for things to work. > > > > > > > > > > thanks for any help. > > > > > > > > > > James > > > > > > > > > > - ---- begin login.conf ---- > > > > > > > > > > # login.conf - login class capabilities database. > > > > > # After each edit don't forget to run: > > > > > # cap_mkdb /etc/login.conf > > > > > > > > > > #defaults - defaults for all users except root > > > > > # NOTE: default gives no recource limits!! > > > > > > > > > > default:\ > > > > > :cputime=unlimited:\ > > > > > :filesize=unlimited:\ > > > > > :datasize=unlimited:\ > > > > > :stacksize=unlimited:\ > > > > > :coredumpsize=unlimited:\ > > > > > :memoryuse=unlimited:\ > > > > > :memorylocked=unlimited:\ > > > > > :maxproc=unlimited:\ > > > > > :openfiles=unlimited:\ > > > > > :manpath=/usr/share/man /usr/local/man:\ > > > > > :nologin=/var/run/nologin:\ > > > > > :path=~/bin /usr/local/bin /usr/bin /bin:\ > > > > > :priority=0:\ > > > > > :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ > > > > > :term=vt100:\ > > > > > :umask=022:\ > > > > > :welcome=/etc/motd:\ > > > > > :minpasswordlen=8:\ > > > > > :copyright=/etc/COPYRIGHT:\ > > > > > :idletime=unlimited:\ > > > > > :sessionlimit=unlimited: > > > > > > > > > > #root - make absolutly sure root can do anything. > > > [snip] > > > cstudent is the class that i am working with > > > > > #cstudent - limit the recources for c class students. > > > > > cstudent:\ > > > > > :accounted:\ > > > > > :cputime=1h:\ > > > > > :filesize=5m:\ > > > > > :datasize=10m:\ > > > > > :stacksize=10k:\ > > > > > :coredumpsize=1m:\ > > > > > :memoryuse=10m:\ > > > > > :memorylocked=5m:\ > > > > > :maxproc=12:\ > > > > > :openfiles=20:\ > > > > > :requirehome:\ > > > > > :umask=077:\ > > > > > :sessionlimit=4:\ > > > > > :idletime=3h:\ > > > > > :warntime=2h45m:\ > > > > > :tc=default: > > > [snip] > > > > > - ---- end login.conf ---- > > > > > - ------------------------------------------------------- > > > > > For my public key please visit: > > > > > http://www.dreamscape.com/halstead/jh.asc > > > > > - ------------------------------------------------------- > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message