diff options
author | Christian Poessinger <christian@poessinger.com> | 2022-09-28 19:42:50 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-09-28 19:42:50 +0200 |
commit | 0af970a6d98485812fab887d91d4317fa5c0e417 (patch) | |
tree | f7583433fa6276e914cf8ae26b4d84d0f6cc8991 | |
parent | d5e84fab2e66fb4452516e3a5adc00c6ed772de1 (diff) | |
parent | ee2dc735e02930ac46c6ccc96dc5486ab96179e5 (diff) | |
download | vyos-1x-0af970a6d98485812fab887d91d4317fa5c0e417.tar.gz vyos-1x-0af970a6d98485812fab887d91d4317fa5c0e417.zip |
Merge pull request #1561 from sever-sever/T4715
login: T4715: Auto logout user after inactivity
-rw-r--r-- | data/templates/login/autologout.j2 | 5 | ||||
-rw-r--r-- | interface-definitions/system-login.xml.in | 13 | ||||
-rwxr-xr-x | src/conf_mode/system-login.py | 8 |
3 files changed, 26 insertions, 0 deletions
diff --git a/data/templates/login/autologout.j2 b/data/templates/login/autologout.j2 new file mode 100644 index 000000000..dc94eecc3 --- /dev/null +++ b/data/templates/login/autologout.j2 @@ -0,0 +1,5 @@ +{% if timeout is vyos_defined %} +TMOUT={{ timeout }} +readonly TMOUT +export TMOUT +{% endif %} diff --git a/interface-definitions/system-login.xml.in b/interface-definitions/system-login.xml.in index 24eeee355..d189be3f8 100644 --- a/interface-definitions/system-login.xml.in +++ b/interface-definitions/system-login.xml.in @@ -151,6 +151,19 @@ #include <include/interface/vrf.xml.i> </children> </node> + <leafNode name="timeout"> + <properties> + <help>Session timeout</help> + <valueHelp> + <format>u32:5-604800</format> + <description>Session timeout in seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 5-604800"/> + </constraint> + <constraintErrorMessage>Timeout must be between 5 and 604800 seconds</constraintErrorMessage> + </properties> + </leafNode> </children> </node> </children> diff --git a/src/conf_mode/system-login.py b/src/conf_mode/system-login.py index 3dcbc995c..dbd346fe4 100755 --- a/src/conf_mode/system-login.py +++ b/src/conf_mode/system-login.py @@ -40,6 +40,7 @@ from vyos import ConfigError from vyos import airbag airbag.enable() +autologout_file = "/etc/profile.d/autologout.sh" radius_config_file = "/etc/pam_radius_auth.conf" def get_local_users(): @@ -203,6 +204,13 @@ def generate(login): if os.path.isfile(radius_config_file): os.unlink(radius_config_file) + if 'timeout' in login: + render(autologout_file, 'login/autologout.j2', login, + permission=0o755, user='root', group='root') + else: + if os.path.isfile(autologout_file): + os.unlink(autologout_file) + return None |