RedHatDisconnectIdle

How to disconnect idle sessions

I manage machines with hundreds of users. Most of these users are perfectly reasonable people, but some like to open a session and leave it open for days, just idling by.

Of course these sessions end up taking a lot of memory and cpu, and there comes a time when you have to kick people out manually. Which takes a long time.

Here are a few solutions to this problem I have found, and that I will start implementing soon:

1. Shell configuration

Add this:

TMOUT=<value in seconds>
readonly TMOUT
export TMOUT

Add this:

set -r autologout <valeur en secondes>

2. SSH configuration

(Not everyone uses SSH -- I may end up adding a section for telnet)

Add, in /etc/ssh/sshd_config (or the equivalent on your machines):

ClientAliveInterval <value in seconds>

3. Through scripts launched by cron

	#! /usr/bin/awk -f

	BEGIN {
		system("who -u | sort +5 > /tmp/loginfile");
		system("echo User Sessions Killed > /tmp/killedlogins");
		system("echo `date` >> /tmp/killedlogins");
		while (getline = 1) || (timearray[2] >= 30)) &&
			($1 != "root") &&
			($1 != "user2") &&
			($1 != "user2") &&
			($1 != "user4") &&
			($1 != "lastuser")) { {
		system("ps -ef | grep " $1 " | awk '{print $2}' | xargs kill -KILL");
		print $1, "[Idle " $6 "] Session terminated from " $8 >> "/tmp/killedlogins";
		};
		};
		};
	}
	#!/bin/bash

	who -u | cut -c 1-10,38-50 | egrep "[1-9]:|old" > /tmp/idle$$

	for idleSession in `cat /tmp/idle$$ | awk '{print $3}'`
	do
	    if [ -t 0 ]; then
	       echo killing session $idleSession
	    fi
	    kill -9 $idleSession
	done

See Also: