- 论坛徽章:
- 0
|
如何限制不同终端只能以不同用户登陆
我这里做了一个小程序是针对所有用户的登录时间做限制,大家
可以试一试
由两个文件组成profile和loginfo
******profile文件内容 ,注意:先将/etc/profile做好备份,然后再将此文件拷入
#!/bin/sh
# The following was generated from
# NLS/en/adm.gen
#
MF_ADM=adm.cat@Unix
#
MS_PROFILE=1
MSG_MAIL=1
:
#@(#) profile.sh 26.1 95/07/25
#
#Copyright (C) 1988-1995 The Santa Cruz Operation, Inc.
#All Rights Reserved.
#The information in this file is provided for the exclusive use of
#the licensees of The Santa Cruz Operation, Inc. Such users have the
#right to use, modify, and incorporate this code into other products
#for purposes authorized by the license agreement provided they include
#this notice and the associated copyright notice with any such product.
#The information in this file is provided "AS IS" without warranty.
#
#ident"@(#)adm:profile1.10"
trap "" 1 2 3
umask 022
case "$0" in
-sh | -rsh | -ksh | -rksh)
# if not doing a hushlogin, issue message of the day, if the file is out there
[ "X$HUSHLOGIN" != "XTRUE" ] && [ -s /etc/motd ] && {
trap : 1 2 3
echo ""# skip a line
cat /etc/motd
trap "" 1 2 3
}
# setting default attributes for terminal moved to ~/.profile, so
# each user has individual control over these characteristics
# if not doing a hushlogin, check mailbox and news bulletins
if [ "X$HUSHLOGIN" != "XTRUE" ]
then
[ -x /usr/bin/mail ] &&{# if the program is installed
[ -s "$MAIL" ] && \
dspmsg $MF_ADM -s $MS_PROFILE $MSG_MAIL '\nyou have mail\n'
}
if [ "$LOGNAME" != "root" -a -x /usr/bin/news ]# be sure it's there
then news -n
fi
fi
;;
-su)
:
;;
esac
#trap 1 2 3
lab=0
name=`who am I | awk '{print $1}'`
dev=`who am I | awk '{print $2}'`
config_file=/etc/logport/loginfo
if [ ! -r $config_file ]
then
echo "没有 $config_file 文件,请与系统管理员联系 "
exit 1
fi
#get line of config: guest tty63e 1234567 08 00 12 00
config_detail=`cat $config_file|grep $dev`
#echo $config_detail
#check detail, -z 检查变量是否存在, 长度为零返回真
if [ -z "$config_detail" ]
then
echo "没有设置用户和用户登录时间限制参数!"
else
config_user=`echo $config_detail|awk '{print $1}'`
config_term=`echo $config_detail|awk '{print $2}'`
config_week=`echo $config_detail|awk '{print $3}'`
config_start_hour=`echo $config_detail|awk '{print $4}'`
config_start_min=`echo $config_detail|awk '{print $5}'`
config_end_hour=`echo $config_detail|awk '{print $6}'`
config_end_min=`echo $config_detail|awk '{print $7}'`
#echo "config_user=" $config_user
#echo "config_term=" $config_term
#echo "name=" $name
#echo "dev=" $dev
if [ $config_user != $name ]
then
echo "\n\tThe user $name can not login on this port"
echo "\n\t 对不起,用户 $name 不能登录此端口"
echo "\n\t *********************************"
exit 1
else
ww=`date +%w`
# 得到当前星期几
aa=`date +%H`
# 得到当前时间的时值
bb=`date +%M`
# 得到当前时间的分值
hm=`expr $aa \* 60 + $bb`
# 把当前时间化成分值
lab=0
awk -v hm1="$hm" -v ww1="$ww" \ '$3 !~ ww1 {exit 1} {stime=$4*60+$5; etime=$6*60+$7} {if(hm1< stime || hm1>;etime) {exit 1}}' /etc/logport/loginfo || lab=1
if [ $lab -eq 1 ]
# 如果不在工作时间内登录则退出
then
echo "\n\t You must login in working time"
echo "\n\t 对不起,您必须在工作时间内登录此端口"
echo "\n\t ************************************"
exit 1
fi
fi
echo "\n\t 用户 $name 登录此端口"
echo "\n\t 您的工作时间为 $config_start_hour时 $config_start_min分 至 $config_end_hour时 $config_end_min分"
echo "\n\t ********************************************"
fi
#awk -v name1="$name" -v dev1="$dev" \ '$1 == name1 && $2 != dev1 {exit 1}' /etc/logport/loginfo || lab=1
#if [ $lab -eq 1 ]
# 和信息配置表中相应字段对比
#then
#echo "\n\tThe user $name can not login on this port"
#exit 1
#fi
trap 1 2 3
在/etc目录下建立一个logport目录,将loginfo文件放入其中
loginfo文件内容解释如下
用户名 所登录的端口名 星期 开始登录时间 结束登录时间
root tty11 0123456 08 00 20 00
root tty01 0123456 07 00 23 00
root tty02 0123456 07 00 23 00
guest tty12 123456 08 00 20 00
最后提醒大家要注意 loginfo文件的读的权限 |
|
免费注册
发表于 2003-01-15 20:42
