[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewalls-gc
Subject:    Re: watchdog
From:       Julian Assange <proff () suburbia ! net>
Date:       1996-03-23 22:50:37
[Download RAW message or body]

> 
> 	There was an idle killer out years ago called "untamo"
> which should be in the comp.sources.something archives. It mostly
> worked fine. All such schemes are vulnerable to users who want
> to spoof them so that the rules no longer apply to them, but
> that's a social problem best not solved with software.
> 
> mjr.

I wrote a rather full featured one called "hidleho"
(suburbia.net:/pub/proff/original/chalace+hidleho*) a while back.

Suffering from a smattering of bit rot now but does the job.

(example config file below)


#/etc/hidleho.cnf is the configuration file for hildeho.
#
# the uid	variable defines what user hidleho should run as for its
#		maintenance functions. you must ensure that all of 
#		hidleho's config files and directories are owned by uid
Uid 		hidleho
#
# TtyUid	varible defines what user owns the vacant ttys.
TtyUid		root
#
# UserBase	variable defines the directory to hold the per-user config
#		directories and sub-files.
UserBase	/usr/hidleho
#
# GroupBase	variable defines the directory to hold the group-wide config
#		directories and sub-files.
GroupBase	/usr/hidleho
# DeniedMsg	File printed to tty when a user is denied access ('-' flag)
DeniedMsg	/etc/hidleho.denied
# BorrowGrace	Grace for logoff when lines are full.
BorrowGrace	2
#
# the def_term	variable defines what the enviromental variable TERM should
#               be set to if hildeho is unable to obtain the terminal type
#		from the remote connection, /etc/gettydefs or ~/.termtype.
Term		vt100
#
#the ttys	variable defines the ttys to monitor if the users "B" flag
#		is set. Also effects the "C" flag.
ttys		ttyS0 ttyS1 ttyS2 ttyS3 ttyS4 ttyS5 ttyS6 ttyS7 ttySb
#
#the weights	variable defines the multiplicative weight applied to
#               the effective calculated call time for the ttys specified
#		by ttys:
weights		1 1 1 1 1 1 1 1 1 1
#the warn_t	variable defines the t- times at which the user will be warned
#		of approching total timeout (up to 10 parameters)
warn_t		10 1
#the warn_i	variable defines the t- times at which the user will be warned
#		of approching idle timeout (up to 10 parameters)
warn_i		3 2 1
#
# Description of general parameters:
#
#	Name	= 	user name, or the pseudo-name "default:", or a
#			/etc/group name terminated with a trailing "+".
#	Total	=	total number of minutes the user is allowed on-line.
#	InIdle	=	how long for idle timeout, if no user input
#	OutIdle =	how long for idle timeout, if no system output
#	TimeLim =	the amount of time granted per time segmant
#	TimePer = 	the size (in time) of a time period/segmant
#	Exclude = 	minutes to exclude the user for on logout (B & C)
#	Flags	=	lower case alphabetical = FALSE, upper case = TRUE
#	        I	=	send user Information at login time
#		i	=	do not		"
#		W	=	send disconnection warnings to terminal
#		w	=	do not		"
#		K	=	kill all users tasks system wide
#		k	=	kill all users tasks tty wide
#		A	=	ask user for terminal type
#		a	=	do not 		"
#		B	=	allow user to exist on borrowed time
#		b	=	do not		"
#		C	=	total timeout only on a Configured ttys:
#		c	=	total timeout on all ttys
#		E	=	exclusive idle on. if (idle_in || idle_out) idle()
#		e	=              "      off. if (idle_in && idle_out) idle()
#		T	=	timer on.
#		t	=	timer off, just exec shell after auth/term/info.
#		N	=	permit negative time left
#		n	=	do not permit negative time left (timeleft = 0 if negative)
#		U	=	unlimited negative time
#		u	=	negative time limited to -TimeLim
#		D	=	debug info to syslog
#		d	=	debug mode off
#		-	=	prevent user/group from loging in.
#		+	=	allow user/group to login.
#
#	Shell	=	filename to execute
# n.b an "*" specified in any but the Name parameter field acts as a place
#     holder.
#Name	Total	InIdle	OutIdle	TimeLim	TimePer	Exclude	Flags	Shell
#
default: 40 	10	10	2h	1d	0	nuTIWKABcE+	/usr/local/lbin/guest_login
unpaid+	 40 	10	10	4h	28d	10	KbEc 	/bin/tcsh
donate+	 45 	10	10	2h	1d	5	B	/bin/tcsh
sponsor+ 45	10	10 	2h	1d	4	B	/bin/tcsh
oldsponsor+ 90	20	15	4h	1d	4	*	/bin/tcsh
user45+   45	*	*	90m	1d	*	*	*
user90+   90	*	*	180m	1d	*	*	*
user150+  150	*	*	5h	1d	*	*	*
user180+  180	*	*	6h	1d	*	*	*
user250+  250	*	*	8h	1d	*	*	*
userunl+  1d	*	*	1d	1d	0	*	*
special+ 52w	20	20	0 	0 	0	eTiWka+ /bin/tcsh
staff+	 52w	2h	2h	0 	0 	0	eTiWka+ /bin/tcsh
volstaff+ 4h 	*	*	4h 	1d 	0	E 	/bin/tcsh

-- 
"I mean, after all;  you have to consider we're only made out of dust.  That's
 admittedly not  much  to  go  on  and  we  shouldn't  forget  that.  But even
 considering, I mean it's sort of a bad beginning, we're not doing too bad. So
 I personally have faith that even in this lousy situation we're faced with we
 can make it. You get me?" - Leo Bulero/PKD
+---------------------+--------------------+----------------------------------+
|Julian Assange RSO   | PO Box 2031 BARKER | Secret Analytic Guy Union        |
|proff@suburbia.net   | VIC 3122 AUSTRALIA | finger for PGP key hash ID =     |
|proff@gnu.ai.mit.edu | FAX +61-3-98199066 | 0619737CCC143F6DEA73E27378933690 |
+---------------------+--------------------+----------------------------------+

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic