Solved

user access limit

Posted on 2003-12-06
5
339 Views
Last Modified: 2013-12-15
I`m a new user of the linux SuSE prof 7.3 and the computer i use serves as an authentication server.I have added new users and the server can authenticate the users well.My problem is that i have to limit the users by the number of hours they are suppose to connect to my server to obtain services,but now when i use a command like chage,it gives me an opportunity to limit the user by the number of MONTHS and DAYS .Infact my interest is to limit the users by the number of HOURS ,so i dont know this is posible and how.
Does it means linux SuSE is not good at managing users?
Do i also need another server or operating system for controlling my users?
   I will be very grateful for your answers
0
Comment
Question by:chickcanete
  • 2
5 Comments
 
LVL 44

Accepted Solution

by:
Karl Heinz Kremer earned 45 total points
ID: 9888530
SuSE is not better or worse than other distributions in controlling users. It's all a matter of which packages you have installed. SuSE 7.3 is pretty old, and I don't remember what exactly it did provide. If you want to limit the times a user can log in (e.g. 10am to 2pm on weekdays, and 8am to 4pm on weekends), you can do this with PAM. See the configuration file /etc/security/time.conf for examples. If you don't have this file, you may need to install the PAM package.

If however you want to limit the user to just e.g. two hours a day in total, regardless of how often they log in, I doubt that this is possible with standard SuSE tools.  

You may be able to do this with a custom program that you use as the login shell for the users that have this restriction: It would first open the wtpm file and add all the login times for the current day and compare them with a set limit. If the limit is not yet exceeded, it would then spawn a shell and let the user in, if the time is already exceeded, it would not spawn the shell, and therefore log the user out again. The only problem is now to log the user out if the time limit is exceeded during the login session. To do that, I would write a data record to a file, which is then parsed at certain times to see if a user needs to be logged out. I did search the internet, but did not find any application that already does this.

BTW: You should consider to update to a more recent version of SuSE. They did just discontinue support for 7.3, which means that you will not get any more security updates for this release.
0
 

Assisted Solution

by:devilonnet
devilonnet earned 44 total points
ID: 10033132
try LDAP and IPTABLES...we r doing it that way...it works just fine...u can define it on days of week, and the hours the user can log in...
0
 
LVL 44

Expert Comment

by:Karl Heinz Kremer
ID: 10033391
You can also use the ideld daemon (http://www.darkwing.com/idled/) to force a logout after a certain login time. This is pretty old software (I think the last update happend in'99). You need to compile it yourself. Instructions about how to download and compile the software are here:

http://www.experts-exchange.com/Operating_Systems/Linux/Linux_Administration/Q_20837811.html

(The instructions are near the end of the thread).
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Daily system administration tasks often require administrators to connect remote systems. But allowing these remote systems to accept passwords makes these systems vulnerable to the risk of brute-force password guessing attacks. Furthermore there ar…
Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question