On Oct 14 18:15:16, Brad Tilley wrote:
> On 10/14/2010 05:13 PM, Jan Stary wrote:
> > On Oct 14 17:01:30, Brad Tilley wrote:
> >> Jan Stary wrote:
> >>
> >>> Why do you want to logout idle users?
> >>> There is sysutils/idled if you need it.
> >>
> >> I'm experimenting with getting an OpenBSD base system to meet the PCI
> >> DSS requirements.
> >
> > Does PCI DSS require you to log users out?
>
> After 15 minutes of inactivity, users must re-enter the password.
> Something such as that.
So if I put { while true ; sleep $((15*60)) ; done ; } &
into my ~/.shrc I am OK, because I have a background process running
(is that "activity"?). Makes me feel very secure, as a user.
Almost as secure as if my admin knew what he was doing.
> >> I'm trying to avoid using any software outside the base system.
> >>
> >>>> rm /bin/csh
> >>>> cp /bin/ksh /bin/csh
> >>
> >>> You just forced your csh users to use ksh. Why do you want them to hate
> >>> you?
> >>
> >> It's just a shell, they'll get over it.
> >
> > Unbelievable.
>
> I'm not actually doing this to users on an existing system. I'm just
> experimenting. Thinking out loud about the issues before having to deal
> with it.
The only "issue" so far is that you have broken everybody's csh scripts.
