Solved

Control users login/logout times and force logoff?

Posted on 2004-05-01
9
3,825 Views
Last Modified: 2013-12-16
Hello.

I currently use rh9.  Have a nice little box that I'm using as an internet gateway/squid transparent proxy.  I would like to force network clients to log off and kill internet access after a certain time of day.

Can someone please point me in the right direction?

BTW, the clients are all winxppro boxes.  Domain logn to SAMBA running on the same box.  IPTABLES for the firewall scripts.

Thanks.
0
Comment
Question by:oregonisonline
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 3

Expert Comment

by:tolgadalkilic
Comment Utility
I think you are asking for "scheduling tasks" for your linux box to stop some gateway for some clients

For scheduling solution "crontab" is used. You can schedule any job for different periods of time.
A short and easy documentation for crontab:
http://www.nerc-online.com/support/www/crontab.html

have fun.
0
 
LVL 3

Expert Comment

by:mac_
Comment Utility
Hi Oregonisonline,

I think this deservers some more explanations :

- what do you mean by "Log Off" ? Do you mean log the off from their client computer ? If so, it looks like a Windows problem (assuming the clients are running Windows).

- you want to "kill internet access after a certain time of day"...  suspect you want to re-authorize it after a certain other time of the day too. If you want to disable ALL access, and if your box is doing NAT (masquerading) or routing for the clients, I'd use cron to remove / add your NAT rule, hence completely disabling / enabling Internet access.
0
 
LVL 17

Expert Comment

by:owensleftfoot
Comment Utility
" I would like to force network clients to log off and kill internet access after a certain time of day."

A very easy but not very elegant method would be to have a cron job setup for a certain time which contains the command "service network stop". Then have a cron job setup for the time you want to allow access again which has the command "service network start".
0
 
LVL 3

Expert Comment

by:mac_
Comment Utility
Just as a note... if you "network stop", you don't only kill internet access for the users but kick any kind of Internet communication for your gateway : no more remote admin, backup, monitoring, mail, nothing....

It's maybe not what you want.
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 38

Expert Comment

by:yuzh
Comment Utility
You might just want to run a cron job to kill all the users login sessions (or remote user's login).

Please defind what you mean by "Control users login/logout times and force logoff"?

Do you mean kick off all the user at the same time of the day? if so, use cron to kill all the
normal user's process will do the job for you.
0
 

Author Comment

by:oregonisonline
Comment Utility
Sorry I didn't jump back on earlier. I'll try and make this a little more clear.

I may have to push this to a Windows2000 Domain controller with ISA server.  It's starting to look that way.

In a Windows domain, you can set local and domain security policies which include the ability to force a user's logoff of the domain (and machine) to include network access at a specified time of day.  Each user can be different.  

I don't want to just do a network stop on the linux box, as there are other users who will have unrestricted access to the internet and other network functions.

Basically, want the kids to be forced to log off their machines by 10 pm m-f  11:30 pm on the weekends, while allowing the adults to continue access as normal.

I hope this clears it up a bit.
0
 
LVL 38

Accepted Solution

by:
yuzh earned 250 total points
Comment Utility
If you want to just kick off the kids, you could put all the kids login name in a text file, make it
looks like:

david fred alex
paul

let's say you want to put it in /var/adm/ and named it as kids.txt

then use the following script to kill all the kids process:

#!/bin/sh
INPUTFILE=/var/adm/kids.txt

for name in `cat $INPUTFILE`
do
     kill -9 `ps -ef | grep $name | grep -v grep | awk '{print $2}' `
done

exit

# End of script

then edit your crontab, to make it looks like:
30 23  * * * /path-to/myscript >/dev/null 2>&1

man crontab
to learn more about crontab.
0
 
LVL 3

Expert Comment

by:mac_
Comment Utility
yuzh: I sure hope he has no kid named "joe" (would kill the joe editor) or "ache" (would kill apache) :P

-> ps -U $name looks better :P

Anyways, I have the feeling oregonisonline's problem is a Windows problem, not a Unix one.
0
 

Author Comment

by:oregonisonline
Comment Utility
Since it appears that there is no "graceful" way to make this happen with Linux, I'm gonna go the Windows route.  

Not too happy about that though.

Thanks for all of the great posts.  Yuz came the closest to what I was looking for so points awarded to him.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Currently, there is not an RPM package available under the RHEL/Fedora/CentOS distributions that gives you a quick and easy way to allow PHP to interface with Oracle. As a result, I have included a set of instructions on how to do this with minimal …
This is the error message I got (CODE) Error caused by incompatible libmp3lame 3.98-2 with ffmpeg I've googled this error message and found out sometimes it attaches this note "can be treated with downgrade libmp3lame to version 3.97 or 3.98" …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now