info-vax@ucbvax.ARPA (05/31/85)
From: VENARD%EDUCOM.BITNET@WISCVM.ARPA A while back someone was offering a program that would go around and delete the processes of users who were inactive for a certain period of time. I have heard of these kinds of programs for a long time. My question is this: is a user who is logged in but just sitting there doing nothing all day using any system resources to speak of? Why bother deleting his/her processes? What is the advantage of getting rid of inactive processes on a VAX? Robert Venard BITNET: VENARD@EDUCOM
info-vax@ucbvax.ARPA (05/31/85)
From: Gail Rubin <grubin@bbn-spca> There are reasons for deleting the processes of inactive users. 1) For sites where accounting is done that includes connect time, and where projects want to minimize their charges, it is useful to kill processes of people who aren't doing anything to decrease the amount of time they get charged for. 2) If you have set the maximum number of processes to prevent your system getting too loaded, someone just sitting there is occupying a process slot that could be used by someone else. You might answer, 'well, just increase the max number of processes'; that affects how big your page and swap files have to be so that isn't necessarily a good idea. I imagine there are other reasons; these are just the ones I know of and they are the reasons we sometimes use a 'killer' program here. -- Gail Rubin (grubin@bbn-spca or @bbn-unix)
info-vax@ucbvax.ARPA (05/31/85)
From: <charlie@ari-hq1> There are two reasons for removing inactive users from a VAX. One reason is security-related, and the other pertains to the squandering of resources. So far as security is concerned, a person who logs on and then doesn't do anything on the computer may or may not remain at his terminal. If he goes away and remains logged on, then what is to stop someone else from accessing the computer from the logged-on terminal and wreaking havoc? Not only is the account in danger of the person who is logged in, but the rest of the users are in danger, too. So far as the inactive user is concerned, it the inactive user is concerned, it is possible to rationalize and say that it is his own fault for being negligent, although the rationalization breaks down on account of two reasons: first of all, preoccupation is more often the culprit than negligence, and secondly, the loss is often to the employer more than to the employee. However, in addition to the danger to the person's own account is the possibility of someone else, masquerading as the departed user, who now can hack around in the computer in anonymity since security accountability always depends on identifying the user through his username or UIC, while this hacker is logged in on someone else's account. The situation is analogous to a driver leaving the keys in the ignition and the engine on, and walking away. In the case of a vehicle, the process of exiting from the vehicle is ample reminder to the driver to turn off the ignition and remove the keys. In the case of a computer, the user may turn away from the terminal and continue working at his desk, then an hour later get up to go to lunch, forgetting entirely about his logged-on terminal. Some terminals have screen-saver features that blank out the screen after a period of inactivity, even though the original user is still logged in. The blank screen makes it much less likely that the user will log out when he gets up to go. Using the vehicle-driver analogy again, if the driver goes away for a few hours, leaving the engine on, gas is being burned and other resources are being consumed (oil, engine and other mechanical wear, etc). In the computer, the number of ports may be limited, if a telephone port or a PACX is being used. Also, each process takes up a certain amount of system resources, even when it is inactive. There is no point in consuming even a small amount of overhead when this is not needed. On ARI-HQ1, we currently have eighteen active telephone ports, and there are times when users are turned away by a busy signal when the rotary is entirely occupied. If we allowed someone to log on and then keep his port tied up as long as he wants, then a few people would wind up tying up ports without need and thereby making life more difficult for others who need to get onto the system. It would take a greater number of telephone lines to handle the actual need, and the additional ports taken up for telephone lines would leave us with fewer ports available for hard-wire connections. Charlie Abzug Charlie@ARI-HQ1 ------
info-vax@ucbvax.ARPA (06/01/85)
From: William "Chops" Westfield <BillW@SU-SCORE.ARPA> The usual reasons for loggin out inactive users are the following: They use up terminal lines/modems/whatever, which are frequently one of the scarcer resources on some systems. Many places actually charge users for things like connect time. Users thus appreciate being logged out if they forget. Your administrative people will also appreciate not having to deal with users comming in on monday morning demanding to be reimbursed for 50+ hours of connect time over the weekend when they weren't really doing anything. BillW
info-vax@ucbvax.ARPA (06/01/85)
From: Chris Yoder <engvax!CHRIS@cit-vax>
Yes, the standard reasons for logging people out are to free up ports,
modems, etc, and to have users charges get outrageous (even if it *is* thier
fault). A command procedure that isn't very clean, but that works well enough
is trivial to write if you have NAMES (written mostly by Kevin Carosso, and I
believe that it ended up on a Decus tape, but I'm not sure) which has an idle
terminal time flag.
Actually, what I'd like to see is a disconnect program that would
disconnect the user instead of logging them out. We have our disconnect limit
set at 5 hours so that we can disconnect and come back after lunch and pick up
where we were, so simply disconnecting the job would allow them to pick up the
job later, it frees up the port, and it charges them for 5 hours of extra
connect time if they totally forget (they usually don't miss it, and it
generates a little extra revenue :-) )! Thus, they will not get charged
excessively, but yet they do get charged somewhat (forgetfullness is not that
great an excuse), their port gets freed up, yet their job is secure and can be
gotten back to if they think about it. I can think of dozens of other reasons
why a disconnect program would be useful... say you get to the machine room and
realize that you didn't disconnect but wanted that job (or were just indisposed
to finding the terminal and disconnecting it yourself).
-- Chris Yoder
UUCP --- {allegra|ihnp4}!scgvaxd!engvax!chris
ARPA --- engvax!chris@cit-vax.ARPA
<Just because you're paranoid doesn't mean that they're not out to get you...>
{ The opinions here are representative of Huge Aircrash, not me and
*especially* not of my poor little keyboard. 8-)=
}