On Sun, 2003-09-14 at 06:22, Wouter DeBacker wrote: > Can Linux/LTSP be configured to prevent a user to login more > than once? If so, how is it done? > > Regards, > Wouter DeBacker
Wouter, the answer depends on the distribution you use on your server, but most likely the answer is yes. If your system uses pam, see /usr/share/doc/pam-0.75/txts/README.pam_limits. In a nutshell, your login program uses /etc/pam.d/system-auth to determine if you are allowed to sign in. The following line requires all successful sign-ins to call pam_limits.so: session required /lib/security/$ISA/pam_limits.so pam_limits.so enforces the limits given in /etc/security/limits.conf. For example, the following two lines will limit members of the "student" group to a single session, except for the student named "wouter", who gets 50: @student - maxlogins 1 wouter - maxlogins 50 Note that pam_limits.so is a "session" service, not an "auth" service. If a user signs in a second time, the signin is *successful* but will end a few seconds later, before any of the usual session startup scripts start. There are three side effects you will see. - users will not get the usual "jiggly window" warning that they mistyped their password. Instead, they will get "Authentication Denied" in a popup. -limits won't increment the failed-login counts, so you won't have to reset passwords of stubborn users -you will see entries like the following in your system log: Sep 17 17:36:26 server gdm(pam_unix)[19302]: session opened for user testuser by (uid=0) Sep 17 17:36:26 server gdm-binary[19302]: Couldn't open session for testuser Sep 17 17:36:31 server pam_limits[19302]: Too many logins (max 1) for testuser Regards, David ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
