On 15 November 2010 12:36, Richard W Jerrido <[email protected]> wrote:
> > > > On 12 November 2010 22:46, Srija <[email protected] > >> <mailto:[email protected]>> wrote: >> >> The problem is, if an user login , as himself , he can't change TMOUT >> parameter until he changes the shell. If the user changes the shell , >> it >> can be modified. >> >> >> >> > You can declare readonly variables bash using the following: > > > [u...@somehost ~]$ TMOUT=900 > [u...@somehost ~]$ readonly TMOUT > [u...@somehost ~]$ export TMOUT > > or > > [u...@somehost ~]$ declare -rx TMOUT=900 > > Then trying to change the value of TMOUT gives the following: > > [u...@somehost ~]$ export TMOUT=150 > -bash: TMOUT: readonly variable > > For system-wide effect, it would be advisable to set the above in a file in > /etc/profile.d/ such as /etc/profile.d/auto_logout.sh. Note, that this would > only apply to Bourne-compatible shells, so you'd also need to do something > similar if you have any csh users. > > It doesn't solve the problem: $ declare -tx TMOUT=900 $ TMOUT=1000 bash: TMOUT: readonly variable $ exec bash $ TMOUT=1000 $ printenv TMOUT 1000 You can't make the read-only status of a variable persist across an exec. As I said before, you could make it harder to circumvent by putting the command in /etc/bashrc, but unless I'm mistaken that doesn't get called used a user's ~/.bashrc specifically sources it. jch
_______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
