Logoutd

Under SunOS 4.x a customer was using a program called idledaemon. One of the functions of this daemon was to scan for idle users and log them out. The customer has migrated to Solaris 2.x and needs similar functionality. One option was to port idledaemon. After taking a brief look at the source code I decided to write my own version since idledaemon was too dependent on SunOS 4.x and had too many assumptions. The idea of logoutd was born.

Logoutd is not meant to be a clone of idledaemon. In fact it is much less than that. It only performs one thing, whereas idledaemon had a few other features.

What does logoutd do?

Logoutd takes one argument in the command line. This argument must be a number specifying how long a user must be idle to be classified by logoutd as an idle user. Since it is possible that a user may be idle because she is waiting for a process to finish, or the process she is running has not yet produced any output for a long period of time, we cannot simply look at idle times. An idle user according to logoutd's definition has the following properties:

  1. A user who has no tty activity for a specified period of time
  2. No process belonging to that user is using the particular tty besides the idle shell

How to determine if a user is idle

  1. Check utmp for users that are logged on and determine which tty they are using.
  2. Determine the last access time on the tty
  3. Subtract last access time from current time. This is our idle time
  4. If idle time is greater or equal to the time specified at the command line do the following:
    1. Check for processes owned by the user and whose controlling tty matches this user's controlling tty.
    2. If there is only one process (it must be the shell -- I know it's a big assumption!) then we can kill it.
    3. Send a SIGHUP to it. If it is a shell, the shell will exit gracefully.

Logoutd spends most of it's time sleeping. It wakes up at intervals specified in minutes in the command line. It then scans for idle users, kills those that it finds and goes back to sleep.

Logoutd must be run as root.

You may obtain logoutd source code here . A solaris 2.5 binary is available here

If you like it and find it useful, don't hesitate to let me know, and thank me while you're at it. :)

Wish List

  1. Capability to specify an exception list of users -- users that won't be logged out
  2. Capability to specify processes that use the tty which is OK to kill.
  3. Capability to detect "idle su" to root sessions (not just the side effect).

If you find bugs or have problems with it or if you don't like its design, let me know too. You may reach me at edsel@canada.sun.com

Back to Edsel Adap's OPCOM Home Page