Problem with limiting logins to one in AIX 5.3 Post: 302116072

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Limiting access

Hi, I'm new to linux and unix, and i have couple of problems: 1) how can i limit the access for a user, for example, i created a user, and i want that this user will be able to be only in one directory, and will see only the files i want him to. 2) I have a domain name, and i want that every...

2. UNIX for Dummies Questions & Answers

question about limiting the display from the ls command

hey guys im rly new to unix. im attempting to list the 5 largest files in a directory. so i got this far... ls -lR | sort -r and this lists all files by filesize, how can i limit this to only the 5 largest?

3. UNIX for Dummies Questions & Answers

Problem with 'ghosted' logins.

I'm using a FreeBSD 5 x86 system. I have no users aside from root and my normal login, ie. the computer is not used by anyone other than myself. I find that I get two ghosted logins after running KDE. These logins have no processes attached to them and `who` reports that they came from my...

4. HP-UX

limiting failed logins to three

I have tried limiting failed logins to three by the following method logins -ox \ | awk -F: '($8 != "LK" && $1 != "root") { print $1 }' \ | while read logname; do /usr/lbin/modprpw -m umaxlntr=3 "$logname" done /usr/lbin/modprdef -m umaxlntr=3 but it is failing on the 4th... any ideas?...

5. HP-UX

Limiting SFTP Users While Not Limiting Regular Users?

Hi, I have searched the web and have come back with nothing that is satisfactory for what I require. SFTP is my corporations new file transfer standard. What I require is a method to lock down SFTP users to their directory (they may go to sub directories) while not restricting regular users. ...

6. AIX

AIX ftp/sftp script monitor to failed logins

Hi All, Any idea on how to write a script on AIX 5.3 to monitor ftp or sftp login failed. Thanks and more power, Itik

7. Solaris

Limiting Connections from a single IP

I'm looking for a way to limit connections to a Solaris 10 box from any single IP. The problem is that I've had more experience doing this with IPTables on Linux, rather than with IPFilter, which I've found to be somewhat feature-poor. I hope there is some way to do this using IPFilter, I've...

8. UNIX for Advanced & Expert Users

Limiting access to postqueue

Hi, I have a Debian 6 machine running Postfix 2.7.1. The email server works pretty well. I discovered that any non-root user can access to the mail queue using postqueue command just like root. How can I limit this access?

9. Shell Programming and Scripting

Limiting the Script

Greetings. I have script to monitor the disk space of folder it runs every 17 min with help of cron. It sends email when disk size reaches to 85 %. Now the issue is that it continousely generates email until we clear some space in that folder. Is it possible to restrict the Script to send only...

LEARN ABOUT SUSE

fuser

FUSER(1)							   User Commands							  FUSER(1)

NAME

       fuser - identify processes using files or sockets

SYNOPSIS

       fuser [-fuv] [-a|-s] [-4|-6] [-c|-m|-n  space ] [-k [-i] [-w] [-SIGNAL ] ] name ...
       fuser -l
       fuser -V

DESCRIPTION

       fuser displays the PIDs of processes using the specified files or file systems.	In the default display mode, each file name is followed by
       a letter denoting the type of access:

	      c      current directory.

	      e      executable being run.

	      f      open file. f is omitted in default display mode.

	      F      open file for writing. F is omitted in default display mode.

	      r      root directory.

	      m      mmap'ed file or shared library.

       fuser returns a non-zero return code if none of the specified files is accessed or in case of a fatal error. If at  least  one  access  has
       been found, fuser returns zero.

       In  order  to  look  up processes using TCP and UDP sockets, the corresponding name space has to be selected with the -n option. By default
       fuser will look in both IPv6 and IPv4 sockets. To change the default, behavior, use the -4 and -6 options. The socket(s) can  be  specified
       by the local and remote port, and the remote address. All fields are optional, but commas in front of missing fields must be present:

       [lcl_port][,[rmt_host][,[rmt_port]]]

       Either symbolic or numeric values can be used for IP addresses and port numbers.

       fuser outputs only the PIDs to stdout, everything else is sent to stderr.

OPTIONS

       -a     Show all files specified on the command line. By default, only files that are accessed by at least one process are shown.

       -c     Same as -m option, used for POSIX compatibility.

       -f     Silently ignored, used for POSIX compatibility.

       -k     Kill  processes  accessing the file. Unless changed with -SIGNAL, SIGKILL is sent. An fuser process never kills itself, but may kill
	      other fuser processes. The effective user ID of the process executing fuser is set to its real user ID before attempting to kill.

       -i     Ask the user for confirmation before killing a process. This option is silently ignored if -k is not present too.

       -w     Kill only processes which have write access. This option is silently ignored if -k is not present too.

       -l     List all known signal names.

       -m     name specifies a file on a mounted file system or a block device that is mounted. All processes accessing files on that file  system
	      are listed.  If a directory file is specified, it is automatically changed to name/. To use any file system that might be mounted on
	      that directory. Please note that due the required device ID comparision all mounted  file  systems  the  stat(2)	system	call  will
	      applied  to  every  file	system	even  on network file system (NFS).  If the NFS server does not respond or the network is down the
	      stat(2) may hang forever.

       -n space
	      Select a different name space. The name spaces file (file names, the default), udp (local UDP ports), and tcp (local TCP ports)  are
	      supported.  For ports, either the port number or the symbolic name can be specified. If there is no ambiguity, the shortcut notation
	      name/Ispace (e.g. 80/tcp ) can be used.

       -s     Silent operation. -u and -v are ignored in this mode.  -a must not be used with -s.

       -SIGNAL
	      Use the specified signal instead of SIGKILL when killing processes. Signals can be specified either by name (e.g. -HUP) or by number
	      (e.g. -1). This option is silently ignored if the -k option is not used.

       -u     Append the user name of the process owner to each PID.

       -v     Verbose  mode.  Processes  are  shown  in  a ps-like style. The fields PID, USER and COMMAND are similar to ps. ACCESS shows how the
	      process accesses the file. If the access is by the kernel (e.g. in the case of a mount point, a swap file, etc.),  kernel  is  shown
	      instead of the PID.

       -V     Display version information.

       -4     Search  only  for  IPv4  sockets. This option must not be used with the -6 option and only has an effect with the tcp and udp names-
	      paces.

       -6     Search only for IPv6 sockets. This option must not be used with the -4 option and only has an effect with the  tcp  and  udp  names-
	      paces.

       -      Reset all options and set the signal back to SIGKILL.

FILES

       /proc	 location of the proc file system

EXAMPLES

       fuser -km /home kills all processes accessing the file system /home in any way.

       if fuser -s /dev/ttyS1; then :; else something; fi invokes something if no other process is using /dev/ttyS1.

       fuser telnet/tcp shows all processes at the (local) TELNET port.

RESTRICTIONS

       Processes accessing the same file or file system several times in the same way are only shown once.

       If the same object is specified several times on the command line, some of those entries may be ignored.

       fuser  may  only be able to gather partial information unless run with privileges. As a consequence, files opened by processes belonging to
       other users may not be listed and executables may be classified as mapped only.

       Installing fuser SUID root will avoid problems associated with partial information, but may be undesirable for security	and  privacy  rea-
       sons.

       udp and tcp name spaces, and UNIX domain sockets can't be searched with kernels older than 1.3.78.

       udp and tcp currently  work with IPv6 and IPv4, but the address fields can only be IPv4 addresses.

       Accesses by the kernel are only shown with the -v option.

       The -k option only works on processes. If the user is the kernel, fuser will print an advice, but take no action beyond that.

BUGS

       fuser  -m  /dev/sgX  will  show (or kill with the -k flag) all processes, even if you don't have that device configured. There may be other
       devices it does this for too.

       fuser -m name may hang forever if there are NFS file systems mounted and one of the NFS servers do not respond or the corresponding network
       is down.

       fuser  cannot  report on any processes that it doesn't have permission to look at the file descriptor table for.  The most common time this
       problem occurs is when looking for TCP or UDP sockets when running fuser as a non-root user. In this case fuser will report no access

AUTHORS

       Werner Almesberger <werner@almesberger.net>

       Craig Small <csmall@small.dropbear.id.au>

SEE ALSO

       kill(1), killall(1), lsof(8), pkill(1), ps(1), kill(2).

Linux								    2009-04-26								  FUSER(1)