pam_time — PAM module for time control access
Synopsis
pam_time.so [debug] [noaudit]
Description
The pam_time PAM module does not authenticate the user, but instead it restricts access to a system and or specific applications at various times of the day and on specific days or over various terminal lines. This module can be configured to deny access to (individual) users based on their name, the time of day, the day of week, the service they are applying for and their terminal from which they are making their request.
By default rules for time/port access are taken from config file /etc/security/time.conf.
If Linux PAM is compiled with audit support the module will report when it denies access.
Options
- debug
Some debug information is printed with syslog(3).
- noaudit
Do not report logins at disallowed time to the audit subsystem.
Module Types Provided
Only the account type is provided.
Return Values
- PAM_SUCCESS
Access was granted.
- PAM_ABORT
Not all relevant data could be gotten.
- PAM_BUF_ERR
Memory buffer error.
- PAM_PERM_DENIED
Access was not granted.
- PAM_USER_UNKNOWN
The user is not known to the system.
Files
- /etc/security/time.conf
Default configuration file
Examples
#%PAM-1.0 # # apply pam_time accounting to login requests # login account required pam_time.so
See Also
time.conf(5), pam.d(5), pam(8).