>> HOWEVER, in the commercial realm, when dozens of clerks are
>> logged into a system, it is often useful (for tracking, auditing
>> or consistency, etc.) to only let a clerk log into a system once.
[...]
>But if I wanted to wreak havoc on the tracking system, I'd just open
about
>11 bash shells, scores of rxvts, and a few instances of Netscape. That
>way, I'd have lots of possible input methods on a *single* login.
I think you're confusing a tightly run highly centrally managed
environment with the mayhem which can be possible. True, in a
"relatively" open office you could create problems. But if you simply
put a quick check for the user logname against a match with any line
from the who command in the system wide profile you could kick out the
login. (Note: this is probably harder than it sounds here. But it's
always easy for the guy who doesn't have to make it work.)
To keep the situation controlled you can forgo the whole desktop idea
and just start xwindows and the data entry application from the
~/.bash_profile. They exit that app and get logged right back out.
If you really have a bunch of people moving around to different
workstations you probably want to set up xdm so that the desktop box is
merely running X and the users is actually logging in to a server rather
than the local machine. (A poor man's X terminal if you will.)
Of course, if it's a curses based data entry program you need no X at
all.
Overall, it's certainly "doable", though not really trivial if you need
X, to keep people from logging in the central server more than once.
It's actually trivial if your data entry program is curses based and you
use "dumb terminals" to run the app. But the original poster needs to
keep in mind that there isn't a "centrally managed domain" like the NT
model. In NT a central server is in control of the login of the local
workstation. One could set up a remote authorization server and plow
through all of this in LM, but it's a bunch of work. I don't think any
Linux distribution (or, for that matter, any commercial Unix
distribution) ships with that kind of configuration available out of the
box.
Michael
