Friday, June 21, 2013

afkd

aWAY fROM kEYBOARD dAEMON
[a]way [f]rom [k]eyboard [d]aemon

A daemon process to determine and control unix processes based on the time of the last key pressed to a given terminal.

With Linux or Solaris, a user can potentially log in via a variety of mechanisms.  There are multiple protocols and associated daemons that use terminals from difference sources.  Terminals are devices that provide enhanced input/output capabilities beyond what could be achieved with only regular files, pipes, and sockets.   For example, physically attached devices such as a keyboard and/or display will get allocated a tty when logging into the kernel via login(1).

ll terminals have a control process such as an associated shell (e.g. bash, csh, etc.).  Individual shells may provide an 'idle timeout', but these are not always effective (i.e. bash's TMOUT doesn't work if another process is controlling both stdin and stdou, such as vi, top, and a large number of other utilities). 

There is a need, regardless of the shell or any other running process (grouped by the same terminal), to ensure idle users who have been away from the keyboard for a specified number of minutes are indeed logged out.  Throughout the years there haven't been many programs written specifically for this function.  Yet, idle terminals are a clear security risk for most systems.  This is especially important for root and console sessions that have been left unattended.


No comments:

Post a Comment