Many thanks for the quick responses from Stan Horwitz, Hannes Visagie, John
Galt, Kevin Fleming, Oisin McGuinness and Jason Neil.
Originally, my posting included a statement that with a session limit hack
in /etc/profile, and during peak periods, was causing the login process to
climb as high as 3 minutes. I did not believe this but was forced to seek
other alternatives based on what senior and VP management from the contract
side (not EDS) were reporting based on some obscure report they read.
Fortunate for me, I was able to convince them to allow me to try the code
snippet below. It is a combination of what I had tried and the suggestions
from the responses received and is successfully running with no apparent
"lag" during login.
I chose to place the following code at the top of /etc/profile to limit
users to one login session unless listed in an exclude list. I tested and
timed this thoroughly to assure those that made the 3 minute login response
claim, can no longer make same. There is no noticeable difference in login
times with or without this modification.
#---------------------- START SESSION LIMIT ----------------------
EXCLUDELIST="/etc/profile.session.exclude"
if [ `grep -w $LOGNAME $EXCLUDELIST` ]; then
:
else
LOGCNT=`who | grep -w $LOGNAME | wc -l`
if [ "$LOGCNT" -gt "1" ]; then
clear
echo "\n\n\n...Only ONE session allowed per user...\n\n\n"
exit 1
fi
fi
#----------------------- END SESSION LIMIT -----------------------
ORIGNAL POSTING:
On Fri, 2 Nov 2001, Sylvester, Dennis wrote:
> Good morning!
>
> We have a GS160 running 4.0G (5.1a coming soon) and need to limit login
> sessions to 1 unless an individual is listed in an exception list. I have
> scoured the archives and did find what is essentially the same solution we
> have tried; adding a routine in /etc/profile to check if the user is
already
> logged in via a "who/grep" combination. This solution was unacceptable
> since we, on average, have almost 1500 users active at any given time.
This
> is complicated by the fact that most of the thousands of processes running
> are MFCOBOL (rts32) and consume all of the cpu cycles in system with
> fidslock (we are working this with Compaq, but that is a different issue)
> thus causing the login process to take, on average, 3 minutes with this
type
> of login checking at peak periods during the day.
>
> Question: Is there a different solution anybody has successfully tried to
> limit the number of active sessions a user is allowed without resorting to
> running a "who/grep" combination for the user from within the
/etc/profile?
Dennis J. Sylvester
Infrastructure Specialist, Sr.
EDS - Core US Infrastructure
WorldCom Infrastructure Delivery
Eastern Region Technology & Engineering
P.O. Box 32
Yuma, AZ. 85364
* phone: +01-520-376-0852
* Dennis.Sylvester_at_eds.com
numeric page: 888-589-0250
alpha page: 6025916000.0001915_at_pagenet.net
IM: YumaNights
Received on Thu Nov 08 2001 - 14:50:14 NZDT