SUMMARY Kill Script to remove lat terminals, and telnet sessions

From: digiunix <digiunix_at_mindspring.com>
Date: Wed, 29 Dec 1999 18:23:23 -0600

On Thu, 23 Dec 1999 digiunix_at_mindspring.com wrote:

Howdie little Buckaroos!
Does anyone have a good kill script for kornshell.

I have lat connections and telnet sessions, I need to kill logon
sessions at 1:00am, but exclude a core group of people, like sysadmin,
database admin, etc. If possible I could use a kill script for informix
database logon connections also, excluding the database admin.

HERE IS WHAT I DID

I wanted to kill off the lat connections after the DBA on informix
kicked off the users from database
Late at night, and then I would do the cleanup on the lat connections
that were still there. We had 200 lat connections and over 30 pc
connections on tty.

I used Marco.Luchini_at_acco-uk.co.uk . This will disallow or grep out what
I don't want killed off which would be root, informix, and a few key
people that should stay logged onto the system.

ALLOWED_LIST="root|sysops|dba"
kill `ps aux | grep -v grep | grep -v -E "$ALLOWED_LIST" | awk '{print
$2}' `

and then added some more to it.

Here is the script and crontab entry

#!/bin/ksh
# test.kill.ksh

ALLOWED_LIST="root|informix|sam|doug|what's his name"

# list of lat and tty processess that will be killed dumped to log file!

ps -ef | grep -v grep | grep -v root | grep tty | grep -v -E
"$ALLOWED_LIST” >> /usr/dgital/test.kill.log 2>&1
ps -ef | grep -v grep | grep -v root | grep lat | grep -v -E
"$ALLOWED_LIST” >> /usr/digital/test.kill.log 2>&1

# lat and ttyp processes that will be killed at night

# kill `ps -ef | grep -v grep | grep -v root | grep tty | grep -v -E
"$ALLOWED_LIST” | awk '{print $2}I’` >> /usr/digital/test.kill.log 2>&1
# kill `ps -ef | grep -v grep | grep -v root | grep lat | grep -v -E
"$ALLOWED_LIST” | awk '{print $2}I’` >> /usr/digital/test.kill.log 2>&1


To test the script do the following
# ksh -x test.kill.ksh


---------------------------------------------------------------------------------------------------------------------

Here were the suggestions

Lucio Chiappetti lucio_at_ifctr.mi.cnr.it
It was written by some guy farrell_at_pangea.Stanford.EDU (or perhaps
reynolds_at_icgmfg.mke.ab.com), so I suppose you should ask them for the
source.

---------------------------------------------------------------------------------------------------------------------

Marco.Luchini_at_acco-uk.co.uk

ALLOWED_LIST="root|sysops|dba"
kill `ps aux | grep -v grep | grep -v -E "$ALLOWED_LIST" | awk '{print
$2}'
`
sleep 10
kill -9 `ps aux | grep -v grep | grep -v -E "$ALLOWED_LIST" | awk
'{print
$2}' `
is what we use. Customise at leisure with various "wall" commands to
warn
people etc. You might also want to
cat << EOF > /etc/nologin
No logins allowed at this time
EOF

to prevent them getting back on. If the users are getting via an rexec
to the database though, that won't be enough and you'll have to switch
your database authorization file with a restricted one.

---------------------------------------------------------------------------------------------------------------------

Kurt Carlson <kcarlson_at_arsc.edu>

there is a kill script included in the examples directory of:
http://www.arsc.edu/~kcarlson/software/Software.html#uakpacct
using the included uaklogin program. kurt

---------------------------------------------------------------------------------------------------------------------

also www.ugu.com (big unix site)
Universe Guru

Administrative tools

http://www.ugu.com/sui/ugu/show?I=software.admintools&F=1111111111&G=Y







--
--------------------------------------------------------
Larry A. Magnello  larry.magnello_at_usa.net
Unix System Administrator TRU64 Unix System Administrator
DEC Unix, Solaris Unix, HP Unix, Linux Unix Sco Unix
Veritas Volume manager, DEC Logic Storage Manager
http://halite.westal.com/webstuff/fadein.html
--------------------------------------------------------

Received on Mon Jan 03 2000 - 09:57:41 NZDT

This archive was generated by hypermail 2.4.0 : Wed Nov 08 2023 - 11:53:40 NZDT