Re: restricting login times
On Mon, Mar 25, 2013 at 3:11 PM, Bob Proulx <bob@proulx.com> wrote:
> Joel Rees wrote:
>> I know this is the wrong way to solve the underlying problems, but
>> sometimes brute force is required.
>
> If I were doing that by brute force then instead of using PAM I would
> use cron to create and remove a /etc/nologin file. See 'man 5 nologin'
> for details of the file. But something like this:
>
> 0 17 * * * echo "No logins allowed now." > /etc/nologin
> 0 5 * * * rm -f /etc/nologin
>
> That would be brute force. Create the nologin file when you want and
> remove it when you want.
>
> Bob
Except that if you have root login disabled and you have to login in
the middle of the night, you have to use a local exploit.
However, I did consider setting cron to invoke a script to check for
logins every two minutes during the banned time period.
Putting a trap in the global postlogin script is another possibility.
But if time.conf is functional and I want to claim to be competent
with administrating Linux, I guess I'd better learn how to get it
working.
--
Joel Rees
Reply to: