pam_time - Man Page
PAM module for time control access
Synopsis
pam_time.so [conffile=conf-file] [debug] [noaudit]
Description
The pam_time PAM module does not authenticate the user, but instead it restricts access to a system and or specific applications at various times of the day and on specific days or over various terminal lines. This module can be configured to deny access to (individual) users based on their name, the time of day, the day of week, the service they are applying for and their terminal from which they are making their request.
By default rules for time/port access are taken from config file /etc/security/time.conf. An alternative file can be specified with the conffile option.
If Linux PAM is compiled with audit support the module will report when it denies access.
Options
- conffile=/path/to/time.conf
Indicate an alternative time.conf style configuration file to override the default.
- debug
Some debug information is printed with syslog(3).
- noaudit
Do not report logins at disallowed time to the audit subsystem.
Module Types Provided
Only the account type is provided.
Return Values
- PAM_SUCCESS
Access was granted.
- PAM_ABORT
Not all relevant data could be gotten.
- PAM_BUF_ERR
Memory buffer error.
- PAM_PERM_DENIED
Access was not granted.
- PAM_USER_UNKNOWN
The user is not known to the system.
Files
- /etc/security/time.conf
Default configuration file
Examples
#%PAM-1.0 # # apply pam_time accounting to login requests # login account required pam_time.so
See Also
time.conf(5), pam.d(5), pam(8).
Author
pam_time was written by Andrew G. Morgan <morgan@kernel.org>.