[QCLUG] Re: Kid timer

Jim Hall volunteer.jim@gmail.com
Tue, 1 Aug 2006 18:06:40 -0500 

---------------------- multipart/alternative attachment
Results of my laughable attempts to make this work.

I've got shutdown. Don't need to worry about the message right now. I've
tried the following, experimenting. I've even tried Steve's time script
entry. The only way I've been able to lockout the kids login is a direct
entry of 'usermod -L <user>' in crontab. This becomes permanent. I have to
go to console and use 'usermod -U <user>' on each account   I've included
the contents of all the relavent files. I feel that I must be close, but
can't figure out what's missing. I hope you can come up with the "what"
because I obviously don't know what I'm doing.

Jim
********************************************

# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file.
# This file also has a username field, that none of the other crontabs do.

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# m h dom mon dow user    command
17 *    * * *    root    run-parts --report /etc/cron.hourly
25 4    * * *    root    test -x /usr/sbin/anacron || run-parts --report
/etc/cron.daily
47 4    * * 7    root    test -x /usr/sbin/anacron || run-parts --report
/etc/cron.weekly
52 4    1 * *    root    test -x /usr/sbin/anacron || run-parts --report
/etc/cron.monthly
#
50 21    * * *    root    /sbin/shutdown -h +10
59 21    * * *    root    /usr/sbin/kid-timer_lockout
00 10    * * *    root    /usr/sbin/kid-timer_login

#
****************************

Contents of '/usr/sbin/Kid-timer_lockout'
/bin/sh
# This should lockout specific user accounts after nightly shutdown.
#
/usr/sbin/usermod -L megan
/usr/sbin/usermod -L anna
/usr/sbin/usermod -L thomas
*****************************

Contents of '/usr/sbin/Kid-timer_login'
/bin/sh
# This should allow login for specific user accounts the
#morning after nightly shutdown.
#
if (time > 10.00 and time < 21.59) {
/usr/sbin/usermod -U megan
}
if (time > 10.00 and time < 21.59) {
/usr/sbin/usermod -U anna
}
if (time > 10.00 and time < 21.59) {
/usr/sbin/usermod -U thomas
}
******************************

Contents of /etc/security/time.conf
# this is an example configuration file for the pam_time module. Its syntax
# was initially based heavily on that of the shadow package (shadow-960129).
#
# the syntax of the lines is as follows:
#
#       services;ttys;users;times
#
# white space is ignored and lines maybe extended with '\\n' (escaped
# newlines). As should be clear from reading these comments,
# text following a '#' is ignored to the end of the line.
#
# the combination of individual users/terminals etc is a logic list
# namely individual tokens that are optionally prefixed with '!' (logical
# not) and separated with '&' (logical and) and '|' (logical or).
#
# services
#    is a logic list of PAM service names that the rule applies to.
#
# ttys
#    is a logic list of terminal names that this rule applies to.
#
# users
#    is a logic list of users to whom this rule applies.
#
# NB. For these items the simple wildcard '*' may be used only once.
#
# times
#    the format here is a logic list of day/time-range
#    entries the days are specified by a sequence of two character
#    entries, MoTuSa for example is Monday Tuesday and Saturday. Note
#    that repeated days are unset MoMo = no day, and MoWk = all weekdays
#    bar Monday. The two character combinations accepted are
#
#        Mo Tu We Th Fr Sa Su Wk Wd Al
#
#    the last two being week-end days and all 7 days of the week
#    respectively. As a final example, AlFr means all days except Friday.
#
#    each day/time-range can be prefixed with a '!' to indicate "anything
#    but"
#
#    The time-range part is two 24-hour times HHMM separated by a hyphen
#    indicating the start and finish time (if the finish time is smaller
#    than the start time it is deemed to apply on the following day).
#
# for a rule to be active, ALL of service+ttys+users must be satisfied
# by the applying process.
#

#
# Here is a simple example: running blank on tty* (any ttyXXX device),
# the users 'you' and 'me' are denied service all of the time
#

#blank;tty* & !ttyp*;you|me;!Al0000-2400

# Another silly example, user 'root' is denied xsh access
# from pseudo terminals at the weekend and on mondays.

#xsh;ttyp*;root;!WdMo0000-2400

#
# End of example file.

# ##### Kid-timer lockout & login (starting sample lines first)
# *;*;root|admin;Al0000-2400
# login|kdm;*;*;!Al2300-2400&!Al0000-1100

#login|kdm;megan|anna|thomas;!Al2300-2400&!Al0000-1000

---------------------- multipart/alternative attachment
An HTML attachment was scrubbed...
URL: http://qclug.org/pipermail/qclug/attachments/9066784e/attachment.htm

---------------------- multipart/alternative attachment--