diff options
author | Lorry <lorry@roadtrain.codethink.co.uk> | 2012-07-23 11:07:21 +0100 |
---|---|---|
committer | Lorry <lorry@roadtrain.codethink.co.uk> | 2012-07-23 11:07:21 +0100 |
commit | 7e99712021a572e6ca85ff8454d3b322bfbeaa6e (patch) | |
tree | 6577e57ca2aab59b4b6ed8f21dfdbe349c028e49 /modules/pam_time/README | |
download | linux-pam-7e99712021a572e6ca85ff8454d3b322bfbeaa6e.tar.gz |
Tarball conversion
Diffstat (limited to 'modules/pam_time/README')
-rw-r--r-- | modules/pam_time/README | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/modules/pam_time/README b/modules/pam_time/README new file mode 100644 index 0000000..05eaec2 --- /dev/null +++ b/modules/pam_time/README @@ -0,0 +1,36 @@ +pam_time — PAM module for time control access + +━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ + +DESCRIPTION + +The pam_time PAM module does not authenticate the user, but instead it +restricts access to a system and or specific applications at various times of +the day and on specific days or over various terminal lines. This module can be +configured to deny access to (individual) users based on their name, the time +of day, the day of week, the service they are applying for and their terminal +from which they are making their request. + +By default rules for time/port access are taken from config file /etc/security/ +time.conf. + +If Linux PAM is compiled with audit support the module will report when it +denies access. + +EXAMPLES + +These are some example lines which might be specified in /etc/security/ +time.conf. + +All users except for root are denied access to console-login at all times: + +login ; tty* & !ttyp* ; !root ; !Al0000-2400 + + +Games (configured to use PAM) are only to be accessed out of working hours. +This rule does not apply to the user waster: + + +games ; * ; !waster ; Wd0000-2400 | Wk1800-0800 + + |