/* embarrassingly simple program to lock out and log login attempts       */
/*                                                                        */
/* use as the login shell for users who shouldn't log in.                 */
/*                                                                        */
/* before compiling, modify CONTACT and CONTACT_EMAIL                     */
/*                                                                        */
/* requires minilib. to compile:                                          */
/*   gcc -o nologin nologin.c -I<minilib_dir> \                           */
/*                         -L<minilib_dir> -lminilib -static              */
/*                                                                        */
/* ari edelkind (06/28/2001)                                              */
/* last modified 06/28/2001                                               */


#include <stdio.h>
#include <unistd.h>
#include <pwd.h>
#include <syslog.h>
#include "minimisc.h"

#define CONTACT "the Security staff"
#define CONTACT_EMAIL "security@somehost.net"

#define LOG_IDENT "NOLOGIN"

#define WAIT_TIME 5

int main(void) {
	struct passwd *pw_ent = getpwuid(getuid());

	sig_block_int();

	openlog(LOG_IDENT, LOG_CONS, LOG_AUTH);
	syslog(LOG_NOTICE, "login attempt from %s (locked out)",
			pw_ent->pw_name);

	printf ("\n"
		"User %s is not permitted to log into this system.\n"
		"\n"
		"If you consider this to be an error, please contact\n"
		"%s by sending mail to %s.\n"
		"\n"
		"You will be automatically logged out in %d seconds.\n"
		"\n", pw_ent->pw_name, CONTACT, CONTACT_EMAIL, WAIT_TIME);

	sleep (WAIT_TIME);
	sig_unblock_int();
	_exit(1);
}