AIX

AIX

Connect with fellow AIX users and experts to gain knowledge, share insights, and solve problems.


#Power
 View Only

  • 1.  TMOUT

    Posted Thu September 07, 2006 08:07 AM

    Originally posted by: SystemAdmin


    I want none of users logged into the AIX 5.3 server should be able to change TMOUT parameter except root user. I have set the same to 600, but users when logged in change the same to 0 by using export TMOUT=0. How to restrict users from changing TMOUT parameter
    #AIX-Forum


  • 2.  Re: TMOUT

    Posted Thu September 07, 2006 11:22 AM

    Originally posted by: MarkTaylor


    set TMOUT as readonly

    Ref: http://www-03.ibm.com/servers/aix/whitepapers/aix_security.pdf#search=%22aix%20readonly%20tmout%22

    HTH
    Mark Taylor

    #AIX-Forum


  • 3.  Re: TMOUT

    Posted Sun September 10, 2006 03:13 PM

    Originally posted by: SystemAdmin


    Hi Mark,

    From the "Strengthening AIX Security" document, it is noted to set readonly in this format:

    code TMOUT=600 ; TIMEOUT=600 ; export readonly TMOUT TIMEOUT [/code]

    Here's my session from a system:
    [b]$ grep TMOUT /etc/profile
    TMOUT=1200; export readonly TMOUT
    $ echo $TMOUT
    1200
    $ export TMOUT=100
    $ echo $TMOUT
    100
    (after about 40 seconds)
    $
    Shell will time out in 60 seconds.[/b]

    What I believe the line should be is:
    code export TMOUT=1200; readonly TMOUT [/code]

    Then when I log in:
    [b]$ echo $TMOUT
    1200
    $ export TMOUT=100
    ksh: TMOUT: This variable is read only.[/b]

    Does the manner described in the referenced document work for you?

    Regards,
    Glenn
    #AIX-Forum


Related Content