Solved

user access limit

Posted on 2003-12-06
5
327 Views
Last Modified: 2013-12-15
I`m a new user of the linux SuSE prof 7.3 and the computer i use serves as an authentication server.I have added new users and the server can authenticate the users well.My problem is that i have to limit the users by the number of hours they are suppose to connect to my server to obtain services,but now when i use a command like chage,it gives me an opportunity to limit the user by the number of MONTHS and DAYS .Infact my interest is to limit the users by the number of HOURS ,so i dont know this is posible and how.
Does it means linux SuSE is not good at managing users?
Do i also need another server or operating system for controlling my users?
   I will be very grateful for your answers
0
Comment
Question by:chickcanete
  • 2
5 Comments
 
LVL 44

Accepted Solution

by:
Karl Heinz Kremer earned 45 total points
ID: 9888530
SuSE is not better or worse than other distributions in controlling users. It's all a matter of which packages you have installed. SuSE 7.3 is pretty old, and I don't remember what exactly it did provide. If you want to limit the times a user can log in (e.g. 10am to 2pm on weekdays, and 8am to 4pm on weekends), you can do this with PAM. See the configuration file /etc/security/time.conf for examples. If you don't have this file, you may need to install the PAM package.

If however you want to limit the user to just e.g. two hours a day in total, regardless of how often they log in, I doubt that this is possible with standard SuSE tools.  

You may be able to do this with a custom program that you use as the login shell for the users that have this restriction: It would first open the wtpm file and add all the login times for the current day and compare them with a set limit. If the limit is not yet exceeded, it would then spawn a shell and let the user in, if the time is already exceeded, it would not spawn the shell, and therefore log the user out again. The only problem is now to log the user out if the time limit is exceeded during the login session. To do that, I would write a data record to a file, which is then parsed at certain times to see if a user needs to be logged out. I did search the internet, but did not find any application that already does this.

BTW: You should consider to update to a more recent version of SuSE. They did just discontinue support for 7.3, which means that you will not get any more security updates for this release.
0
 

Assisted Solution

by:devilonnet
devilonnet earned 44 total points
ID: 10033132
try LDAP and IPTABLES...we r doing it that way...it works just fine...u can define it on days of week, and the hours the user can log in...
0
 
LVL 44

Expert Comment

by:Karl Heinz Kremer
ID: 10033391
You can also use the ideld daemon (http://www.darkwing.com/idled/) to force a logout after a certain login time. This is pretty old software (I think the last update happend in'99). You need to compile it yourself. Instructions about how to download and compile the software are here:

http://www.experts-exchange.com/Operating_Systems/Linux/Linux_Administration/Q_20837811.html

(The instructions are near the end of the thread).
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

How many times have you wanted to quickly do the same thing to a list but found yourself typing it again and again? I first figured out a small time saver with the up arrow to recall the last command but that can only get you so far if you have a bi…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now