limit users to one login session
  (without PAM)

 (all lifted From Darren Moffat's blog:
     http://blogs.sun.com/darren/entry/limiting_users_to_one_login )

 Use of project(4) and resource_control(5)

 One command:
      projadd -K 'project.max-tasks=(privileged,1,deny)' user.foo

 Updates /etc/project
         user.foo:100::::project.max-tasks=(privileged,1,deny)

 Though modify the /etc/project 'default' entry to be:
     default:3::!*::

 Makes sure the user (all users in this case) not part of the 'default' project

 Ok, foo logs into the bar system...
    tries to login again:

$ ssh foo@bar
Resource control limit has been reached
$
    So foo isn't allowed into the bar more than once

   and if foo tries to do anything more:

$ sleep 500 &
zsh: fork failed: resource temporarily unavailable



  Can also limit the cpu resources of a user:

    Before:
# prctl -P -n project.cpu-cap $$
process: 1057: /bin/bash
project.cpu-cap system 4294967295 inf deny -

# prctl -t privileged -n project.cpu-cap -v 50 $$
# prctl -P -n project.cpu-cap $$
process: 1057: /bin/bash
project.cpu-cap privileged 50 - deny -
project.cpu-cap system 4294967295 inf deny -
#