login.conf changes not being effected
I've been trying to test out some features in /etc/login.conf. I created a user test, in a login class kids. I edited /etc/login.conf to include: kids:\ :daytime=10:\ :tc=default: I ran cap_mkdb /etc/login.conf, and tried logging in as test. I assumed that the user would be logged off in 10 seconds, but this did not happen. I added: :sessiontime=10: and reran cap_mkdb. Still no effect. I reran cap_mkdb -v /etc/login.conf and received a confirmation message. I have read, and reread the manpages, googled, searched freebsd.org, bsdforums.org, etc., and have found that others are experiencing the same problem. I have not found any solution yet. Is there something I am missing? My goal is to be able to restrict login times and duration. I am running 4.9 on a celeron 1.3, 256 mb. Thanks for any help. Phil __ Post your free ad now! http://personals.yahoo.ca ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: login.conf changes not being effected
[login.conf] goal is to be able to restrict login times and duration. 1. First of all, /etc/login.conf doesn't apply for ssh logins. Only the login(1) program reads this. Not sshd or other daemons. 2. As far as I can remember, you _can_ restrict the time of day for logins by setting times.allow and times.deny Last time I checked (some 6 months or so ago), it worked. 3. AFAIK, you can't enforce the duration of the login. login.conf(5) says: Note that login(1) enforces only that the actual login falls within peri- ods allowed by these entries. Further enforcement over the life of a session requires a separate daemon to monitor transitions from an allowed period to a non-allowed one. 4. To enforce time-of-day logins in a more general way (a.k.a for sshd, telnetd, ftpd, etc...), you need a PAM module. Which one or where, I don't know. -- Cordula's Web. http://www.cordula.ws/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: login.conf changes not being effected
On Sat, Dec 13, 2003 at 12:50:55PM -0500, Phil Murphy wrote: I've been trying to test out some features in /etc/login.conf. I created a user test, in a login class kids. I edited /etc/login.conf to include: kids:\ :daytime=10:\ :tc=default: I ran cap_mkdb /etc/login.conf, and tried logging in as test. I assumed that the user would be logged off in 10 seconds, but this did not happen. I added: :sessiontime=10: and reran cap_mkdb. Still no effect. I reran cap_mkdb -v /etc/login.conf and received a confirmation message. I have read, and reread the manpages, googled, searched freebsd.org, bsdforums.org, etc., and have found that others are experiencing the same problem. I have not found any solution yet. Is there something I am missing? My goal is to be able to restrict login times and duration. login caps for duration didn't work as advertised last time I checked, idled from the ports can help with this. -- Jez Hancock - System Administrator / PHP Developer http://munk.nu/ http://jez.hancock-family.com/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]