on Wed, Dec 26, 2001 at 04:34:53AM -0800, Petre Daniel ([EMAIL PROTECTED]) wrote:
> Ok, i promise next year i'll take a look on the many shell scripting
> tutorials,
...see also the <Shift>-Key HOWTO, and the Spacing-After-Punctuation
Mini-HOWTOs.
> but until then i need a script that checks periodically for processes
> belonging to users not presently logged in and kills them. Like
> someone would leave a wget in background..and i want it after the user
> logs out to be killed ;-)) you get the point.. thx again
- How are users logging into the box? Shell access, remote X11, local
console? Is this a classroom setting?
- How are users running "background" processes? Shell job control,
'nohup', batch, at, or cron?
- What users are allowed to (not) run processes when they're not
logged in directly. I'd suggest you list these explicitly.
- Are there reasons to run processes, or processes which can be run,
while a user's not at the console or actively logged in? Compiling,
long downloads, scientific programming, or other types of processing
may be legitimate. There are tools (ulimit, quota, nice) which can
be used to restrict use of resources. Using system scheduling tools
(cron, batch, at) can help level out system load on shared systems.
I'd strongly recommend you learn the rudiments of shell scripting.
To get a list of logged-in users, 'w' or 'who'. Filter through sed,
awk, or perl to get the userid, and sort/uniq to get a distinct list.
To kill all a users' processes, there's the 'slay' command. For more
prejudicial use, I'd recommend 'kill' against an offensive-processes
list. Netscape comes to mind as particularly ill-behaved.
One system comes to mind. I'll outline it and leave implementation to
Petre.
- /usr/local/etc/noremote: file of users who can't run processes
while not logged in.
- /usr/local/etc/noremoteprogs: file of programs which can't run
while the controlling user is not logged in.
- Get a list of currently logged in users.
- Get a list of processes belonging to users in the 'noremote' list.
- Get a list of processes belonging to the 'noremoteprogs' list.
- Scrub both process lists against currently logged in users.
- Kill what's left.
Test thoroughly before deploying.
Implement as a regularly scheduled cron job, say, every 10-15 minutes.
Peace.
--
Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/
What part of "Gestalt" don't you understand? Home of the brave
http://gestalt-system.sourceforge.net/ Land of the free
We freed Dmitry! Boycott Adobe! Repeal the DMCA! http://www.freesklyarov.org
Geek for Hire http://kmself.home.netcom.com/resume.html
pgpE6UjRjjGNf.pgp
Description: PGP signature
