On Oct 14 18:15:16, Brad Tilley wrote: > On 10/14/2010 05:13 PM, Jan Stary wrote: > > On Oct 14 17:01:30, Brad Tilley wrote: > >> Jan Stary wrote: > >> > >>> Why do you want to logout idle users? > >>> There is sysutils/idled if you need it. > >> > >> I'm experimenting with getting an OpenBSD base system to meet the PCI > >> DSS requirements. > > > > Does PCI DSS require you to log users out? > > After 15 minutes of inactivity, users must re-enter the password. > Something such as that.
So if I put { while true ; sleep $((15*60)) ; done ; } & into my ~/.shrc I am OK, because I have a background process running (is that "activity"?). Makes me feel very secure, as a user. Almost as secure as if my admin knew what he was doing. > >> I'm trying to avoid using any software outside the base system. > >> > >>>> rm /bin/csh > >>>> cp /bin/ksh /bin/csh > >> > >>> You just forced your csh users to use ksh. Why do you want them to hate > >>> you? > >> > >> It's just a shell, they'll get over it. > > > > Unbelievable. > > I'm not actually doing this to users on an existing system. I'm just > experimenting. Thinking out loud about the issues before having to deal > with it. The only "issue" so far is that you have broken everybody's csh scripts.