[Gllug] Multiple logins with NIS/YP
Dylan Brewis
dylan at exoletus.fsnet.co.uk
Wed Feb 13 17:26:05 UTC 2002
On Wednesday 13 February 2002 00:59, you wrote:
> I think more to the point is why restrict people to one login at a time?
> And if you do restrict people how do you handle a zombie session if/when
> one occurs?
>
There are at least two daemons which automatically log out idle logins, if
you folow me, and I'm sorting out getting one of those on stream since I
regularly need to log out abandoned machines (kids and techno-dunces)
> At this late hour I can't think of how to make a secure means of managing
> lock files without making some little daemon running as a special
> (non-login) user to write/remove lock files for the machine (even one for
> the whole network if you're not using file sharing for some silly reason).
> I think it's past my bed time; there must be a simpler answer. Maybe a SUID
> script and careful file permissions would suffice (although I don't really
> like SUID scripts on principle).
>
> <pedant>
> I also think that David's got his nomenclature mixed up and while it's true
> that slaves don't know what other slaves are doing most machines wouldn't
> be slaves (in any sane set-up). Slaves replicate the NIS files; whereas
> most machines would be better described as clients. All the doco that uses
> slaves and YP/NIS together uses it exclusively for something that could be
> roughly termed a proxy.
> </pedant>
>
> Ooooh it is late; I'm getting all picky about pointless crap.
>
> Richard
>
> > -----Original Message-----
> > From: gllug-admin at linux.co.uk [mailto:gllug-admin at linux.co.uk]On Behalf
> > Of Dylan Brewis
> > Sent: Tuesday, February 12, 2002 11:54 PM
> > To: gllug at linux.co.uk
> > Subject: Re: [Gllug] Multiple logins with NIS/YP
> >
> > On Tuesday 12 February 2002 23:32, you wrote:
> > > On Tuesday, 12 Feb 2002, Dylan Brewis wrote:
> > > >After much faffing, and accelerated hair loss, I've finally got NIS
> > > >functioning BUT...
> > > >It allows the same user to log on to more than one client at the same
> > > > time. Not a desirable situation!
> > >
> > > Bear in mind that YP really only passes information from the YP master
> > > to the slaves, not vice versa or between the slaves - hence, one slave
> > > has no way of knowing what's happened on another.
> > >
> > > If you mount home directories via NFS you could do something evil with
> > > user's login scripts and a lockfile in their home directory, but I
> > > would not advise that.
> >
> > er... why not, and how would I do it anyway?
> >
> >
> > --
> > Gllug mailing list - Gllug at linux.co.uk
> > http://list.ftech.net/mailman/listinfo/gllug
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list