Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------

2006-06-09  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_time/Makefile.am: Include Make.xml.rules.
        * modules/pam_time/time.conf.5: New, generated from xml file.
        * modules/pam_time/time.conf.5.xml: New.
        * modules/pam_time/pam_time.8: New, generated from xml file.
        * modules/pam_time/pam_time.8.xml: New.
        * modules/pam_time/README.xml: New.
        * modules/pam_time/README: Regenerated from README.xml.

1 files changed, 24 insertions, 21 deletions

diff --git a/modules/pam_time/README b/modules/pam_time/README
index 38b2b3e6..abafd936 100644
--- a/modules/pam_time/README
+++ b/modules/pam_time/README
@@ -1,30 +1,33 @@
-$Id$
+pam_time — PAM module for time control access
 
-This is a help file for the pam_time module. It explains the need for
-pam_time and also the syntax of the /etc/security/time.conf file.
-[a lot of the syntax is freely adapted from the porttime file of the
-shadow suite.]
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
 
-1. Introduction
-===============
+DESCRIPTION
 
-It is desirable to restrict access to a system and or specific
-applications at various times of the day and on specific days or over
-various terminal lines.
+The pam_time PAM module does not authenticate the user, but instead it
+restricts access to a system and or specific applications at various times of
+the day and on specific days or over various terminal lines. This module can be
+configured to deny access to (individual) users based on their name, the time
+of day, the day of week, the service they are applying for and their terminal
+from which they are making their request.
 
-The pam_time module is intended to offer a configurable module that
-satisfies this purpose, within the context of Linux-PAM.
+By default rules for time/port access are taken from config file /etc/security/
+time.conf.
 
-2. the /etc/security/time.conf file
-===================================
+EXAMPLES
 
-This file is the configuration script for defining time/port access
-control to the system/applications.
+These are some example lines which might be specified in /etc/security/
+time.conf.
 
-Its syntax is described in the sample ./time.conf provided in this
-directory.
+All users except for root are denied access to console-login at all times:
+
+login ; tty* & !ttyp* ; !root ; !Al0000-2400
+
+
+Games (configured to use PAM) are only to be accessed out of working hours.
+This rule does not apply to the user waster:
+
+
+games ; * ; !waster ; Wd0000-2400 | Wk1800-0800
 
-unrecognised rules are ignored (but an error is logged to syslog(3))
 
---------------------
-Bugs to Andrew <morgan@parc.power.net> or the list <pam-list@redhat.com>