From ee2dc735e02930ac46c6ccc96dc5486ab96179e5 Mon Sep 17 00:00:00 2001 From: Viacheslav Hletenko Date: Tue, 27 Sep 2022 11:32:42 +0000 Subject: login: T4715: Auto logout user after inactivity Ability to terminate interactive sessions (TTY/PTS) after a period of inactivity. set system login timeout '300' --- data/templates/login/autologout.j2 | 5 +++++ interface-definitions/system-login.xml.in | 13 +++++++++++++ src/conf_mode/system-login.py | 8 ++++++++ 3 files changed, 26 insertions(+) create mode 100644 data/templates/login/autologout.j2 diff --git a/data/templates/login/autologout.j2 b/data/templates/login/autologout.j2 new file mode 100644 index 000000000..dc94eecc3 --- /dev/null +++ b/data/templates/login/autologout.j2 @@ -0,0 +1,5 @@ +{% if timeout is vyos_defined %} +TMOUT={{ timeout }} +readonly TMOUT +export TMOUT +{% endif %} diff --git a/interface-definitions/system-login.xml.in b/interface-definitions/system-login.xml.in index 24eeee355..d189be3f8 100644 --- a/interface-definitions/system-login.xml.in +++ b/interface-definitions/system-login.xml.in @@ -151,6 +151,19 @@ #include + + + Session timeout + + u32:5-604800 + Session timeout in seconds + + + + + Timeout must be between 5 and 604800 seconds + + diff --git a/src/conf_mode/system-login.py b/src/conf_mode/system-login.py index 3dcbc995c..dbd346fe4 100755 --- a/src/conf_mode/system-login.py +++ b/src/conf_mode/system-login.py @@ -40,6 +40,7 @@ from vyos import ConfigError from vyos import airbag airbag.enable() +autologout_file = "/etc/profile.d/autologout.sh" radius_config_file = "/etc/pam_radius_auth.conf" def get_local_users(): @@ -203,6 +204,13 @@ def generate(login): if os.path.isfile(radius_config_file): os.unlink(radius_config_file) + if 'timeout' in login: + render(autologout_file, 'login/autologout.j2', login, + permission=0o755, user='root', group='root') + else: + if os.path.isfile(autologout_file): + os.unlink(autologout_file) + return None -- cgit v1.2.3