[X-Unix] Remote force logout and lockout of user

William H. Magill magill at mcgillsociety.org
Mon Jun 14 09:14:09 PDT 2004


On 13 Jun, 2004, at 19:53, James Bucanek wrote:
> Dennis Fazio wrote on Sunday, June 13, 2004:
>> What is the best way to force logout a particular user
>> <uncooperative_teenager> on a remote system (of which I have  
>> administrator
>> rights) and temporarily prevent additional logins?
>>
>> I've come up with:
>> ssh to remote system and login to my admin account
>> use "passwd uncooperative_teenager" and change their password
>> use ps -aux to see all processes
>> kill process ID of their
>> /System/Library/CoreServices/loginwindow.app/Contents/MacOS/ 
>> loginwindow
>> process.
>
> Doesn't work on mine.  Sure, it logs the user out, but loginwindow  
> just restarts and logs 'em right back in again.
>
> I also tried 'killall -u baduser' with similar results.

This sounds like the machine is a single user machine which is setup to
Automatically Login as User baduser".

That setting bypasses all checks for passwords so modifying the  
password will have no effect.

The command line passwd command will change the password in netinfo.

Killing the loginwindow process should kill all child processes except  
any which have been "nohup"ed.

However, if the account is set to automatically login the user, they  
will simply be given a new desktop.

Off hand, I do not know where that particular value is stored or its  
actual name -- in a plist or in netinfo. It is set in  
"preferences/accounts/login options.

Personally, I don't believe in automatic logins. I much prefer to  
prompt for Userid and Password. It forces the user to at least "think"  
about the concept of security, if only for one small fraction of a  
second.

T.T.F.N.
William H. Magill
# Beige G3 - Rev A motherboard - 768 Meg
# Flat-panel iMac (2.1) 800MHz - Super Drive - 768 Meg
# PWS433a [Alpha 21164 Rev 7.2 (EV56)- 64 Meg]- Tru64 5.1a
# XP1000  [Alpha EV6]
magill at mcgillsociety.org
magill at acm.org
magill at mac.com



More information about the X-Unix mailing list