forked from cschuber/doinkd
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathREADME
120 lines (103 loc) · 6.23 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
doinkd - Idle Deamon
Author: Lott Caskey
Copyright 2006
Original Author: Michael Crider
Copyright 1996 under name Idled
INTRODUCTION
doinkd is a "daemon" that runs on a machine to keep an eye on current
users. If users have been idle for too long, or have been logged on for
too long, it will warn them and log them out appropriately. The types of
checks that doinkd performs are the following:
maxuser: *NEW* If a declared number of sessions, either by group or
userid, are active, that user and subsequent users/sessions
are warned and their sessions are terminated.
idle: If a user is idle more than their allotted time, as
specified by the doinkd configuration file, he/she will be
warned. If no action has taken place during the warn
time, the user will then be logged out.
session: If a user is logged on for longer than the allotted
time, he/she will be warned and logged out in
'warntime' seconds if the user is still logged on
then.
multiple: If too many user sessions are active (ie. many users
logged on, or some users logged on many times), doinkd
will choose X many sessions for each user to keep,
warning the others, and logging those out in 'sleep'
seconds (such as 120) if there are still too many
logged in then. X is either specified as a number
of multiples per user, or is proportional to the
threshold of sessions before multiple logouts are
in effect.
refuse: If a user matches this setting, doinkd will terminate
the user's session after about a 5 second warning.
The basically "refuse"s access for that user (or
tty, or group) to the machine, though there may be
some time allowed when doinkd is sleeping between
checks.
FEATURES
doinkd is configurable without recompilation for its settings, such
as the maximum allowed idle times, session limits, thresholds before
session limits and multiple login checks begin, and also the important
exemption lists. The configuration file is automatically re-read every
'sleep' seconds (specified in the configuration file). If the
configuration file missing or contains errors when doinkd attempts to update
its configuration, it will simply report the errors to its log file and
continue normal operation, either with its previous settings (in the event
of the file not being there or not being readable) or with all valid
settings (in the event of errors in the conf file). doinkd must exit,
however, if the configuration file is doesn't exist or is not readable when
it first starts, and will also exit at the start if there are errors in the
configuration file (since they should be fixed then).
Exemptions can be set for any user, group, host the user is logged
in from, or tty for any of the checks that doinkd performs, such as allowing
idle timeouts to default to 60 minutes for everyone, but exempting the
'staff' group from these timeouts.
doinkd has the ability to handle the console as special, so that
X-Windows environments can have appropriate settings. The special handling
includes giving an idle time, session limit, and allowed multiple logins
specifically for the user on console. All of these logout checks can also
be disabled for the windows owned by the user on console. Idle activity is
found by checking the keyboard and mouse if the user is in X-Windows.
Special checking is also done to see if the person on console is running
xlock (or some terminal locking program--the name is configurable at
compilation time) and logging the user off if the xlock program runs longer
than the allowed console idle time. The special xlock check prevents users
from running xlock and leaving the terminal for a long period of time, but
not getting logged off, since other users may press a key or move the mouse
to see if the machine is available, and in doing so makes the logged in
user no longer idle. See TODO file for a comment on xlock. doinkd also has
the ability to work with some implementations of XDM.
The configuration file's path may be specified on the command line,
so that one executable can be used on multiple machines with different path
structures. Also, doinkd can read in separate files (specified in the config
file) to get a list of users to apply a timeout/session/refuse/exempt command
to.
SYSTEMS
Idled was written and tested extensively on Solaris 2.x. Patches
and good fortune have expanded it to HP-UX, SGI, Linux, AIX, BSDI, BSD/OS2,
BSD (specifically SunOS 4.x), Ultrix, and DIGITAL Unix. It may also work on
other OS's.
Future developement of doinkd will be geared primarily toward BSD, Linux,
SCO OpenServer and SCO Unixware systems with limited support for other similar
style OS's.
Note: The xlock checking is not functional on some systems.
On BSDI and BSD/OS2, the console user will be killed
instanting if an xlock is running at all (if checking is
enabled in Makefile). SunOS 4.x may not log off users on
console and not in openwin.
ACKNOWLEDGEMENTS
doinkd is largely based on the code developed by Michael P. Crider called
Idled. The software has been such a great implimentation of monitoring user
idle times that we decided to further extend its functionality while trying to
keep the original authors views and developement plan in mind.
Idled originally was heavily based on the code from Untamo 3.
We give many thanks to Craig Bishop of Deakin University for his rework of
the original Untamo, as well as many thanks to Andy Wilcox and Marc Megel
of Purdue University for their hard work on the original Untamo. Idled
certainly would not have all the functionality it has if it was not for
these people.
AVAILABILITY
doinkd can be downloaded from 'http://sourceforge.net/projects/idled'.
idled was last available from the orignal author at
'http://www.darkwing.com/idled'. And is also being supplied at the
Source Forge page for reference purposes.