> i would just like to ask advise if its possible to ensure that a
> particular user can only have a single session at a time
> e.g. user1 is logged in workstation 1 therefore he isnt allowed to log
> in to workstation2
This might not be the solution you're looking for as it is just some
home-brewed scripting (off the top of my head, I don't have access to an LTSP
system for testing until in a week or so). There might be an easier way, I
don't know.
NB! Before doing this make absolutely sure that you have a non-graphical way
of logging yourself in as root (either by SSH from a standalone computer (not
LTSP terminal, unless you use the special SSH runlevels) or by physical
access to server). If you accidentally block off any graphical login (which
is actually quite likely, all you need is a syntax error in the script), you
need a way to correct it.
Basically we insert our own custom script into the Xsession startup scripts.
This means that logging in _graphically_ through X is restricted (only
allowed once, until you're completely logged out again), however logging in
through other means (getting a console from the desktop system, telnet or
SSH, etc.) is accepted, this is probably what you want.
In Debian at least (probably in others too), inserting a graphical session
startup script is easy. In /etc/X11/Xsession.d/ there is a bunch of scripts
that are run in the order they are numbered by on X startup. Simply drop in a
new file called "10prevent-multiple-logins" (if your system doesn't have
/etc/X11/xsession.d/ you will have to insert the code into your xsession
script some other way, investigate /etc/X11 and the Xsession script in the
config directory of your login manager (/etc/X11/xdm, /etc/kde3/kdm, or
wherever gdm is located)).
# Simple script for disallowing starting a new graphical session
# if already logged in
# Get how many times we are logged in
logincount=$(who | grep -c "^$(whoami)")
# If we are logged in more than the session we're in right now, log out
if [ $logincount -gt 1 ]; then
# If using KDE
kdialog --error "Sorry, your're already logged in!"
# Or if using GNOME:
gdialog --msgbox "Sorry, you're already logged in!" 30 45
exit
fi
And that's it. Not very secure I'm sure, the point is just to prevent casual
mulitple logins, as the poweruser capable of working around this probably
knows what he or she is doing in the first place and should be allowed...
Note that if the user doesn't log out cleanly (like, power off without logging
out at the terminal) then he or she won't be able to log in again before the
login manager has expired the session (that's about 15 minutes with my KDM
settings).
Hope it helps! (Some feedback on this would be nice, I have not tried it in
practice, only on my laptop, and it would be fun to know if it worked
satisfactorily).
// Dag Sverre
-------------------------------------------------------
This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference
Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer
Conference, June 28 - July 1 at the Moscone Center in San Francisco, CA
REGISTER AND SAVE! http://java.sun.com/javaone/sf Priority Code NWMGYKND
_____________________________________________________________________
Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.freenode.net
