我创建了一个脚本,通过 Salt 部署到我孩子的计算机上。该脚本实现了允许的工作时间并且运行良好,但我的一个孩子找到了一种绕过此问题的方法,而我不知道如何解决此问题。
我使用过 timekpr,但正在寻找我可以集中控制的东西。我还发现 timekpr 阻止他们正在运行的任务在锁定时继续。
孩子们的电脑运行的是Xubuntu 15.04,完全修补了无密码登录(有密码,但他们不需要知道)
如果他们在脚本锁定会话之前通过单击程序菜单中的挂锁来手动锁定屏幕,则即使用户帐户处于过期状态,他们也可以解锁会话。在预期行为恢复之前,他们只能执行一次此操作。
这是我的脚本:
#!/bin/bash
users[0]='child1'
users[1]='child2'
users[2]='child3'
lock[0]=1930
lock[1]=1930
lock[2]=1930
unlock[0]=1300
unlock[1]=1300
unlock[2]=1300
# clean up at AT jobs that may already exist
for i in `atq | cut -f1`;
do
if at -c $i | grep -q '^/root/userRestrictions.sh$'
then
atrm $i
fi
done
currTime=`date +%k%M`
for i in {0..2}
do
if id -u "${users[i]}" >/dev/null 2>&1; then
# username exists
if [ "$currTime" -ge ${unlock[i]} ] && [ "$currTime" -lt ${lock[i]} ]; then
# current time is between unlock and lock time
# unlock the users account
/usr/bin/chage -E -1 ${users[i]}
# run this script again at the lock time
atHour=$(( ${lock[i]} / 100 ))
# extract minutes and pad with zeros
atMinute=$(( ${lock[i]} % 100 ))
atMinute=`printf %02d $atMinute`
echo "/root/userRestrictions.sh" | at "$atHour:$atMinute"
else
# current time is after lock time or before unlock time
# lock the users account
/usr/bin/chage -E 0 ${users[i]}
# lock screen if the user is logged in at all
if w | cut -d " " -f1 | grep -Fxq "${users[i]}"
then
XDG_SEAT_PATH=/org/freedesktop/DisplayManager/Seat0 dm-tool lock
fi
# run this script again at the unlock time
atHour=$(( ${unlock[i]} / 100 ))
# extract minutes and pad with zeros
atMinute=$(( ${unlock[i]} % 100))
atMinute=`printf %02d $atMinute`
echo "/root/userRestrictions.sh" | at "$atHour:$atMinute"
fi
fi
done