summaryrefslogtreecommitdiff
path: root/modules/pam_time/README
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_time/README')
-rw-r--r--modules/pam_time/README45
1 files changed, 24 insertions, 21 deletions
diff --git a/modules/pam_time/README b/modules/pam_time/README
index 38b2b3e6..abafd936 100644
--- a/modules/pam_time/README
+++ b/modules/pam_time/README
@@ -1,30 +1,33 @@
-$Id$
+pam_time — PAM module for time control access
-This is a help file for the pam_time module. It explains the need for
-pam_time and also the syntax of the /etc/security/time.conf file.
-[a lot of the syntax is freely adapted from the porttime file of the
-shadow suite.]
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-1. Introduction
-===============
+DESCRIPTION
-It is desirable to restrict access to a system and or specific
-applications at various times of the day and on specific days or over
-various terminal lines.
+The pam_time PAM module does not authenticate the user, but instead it
+restricts access to a system and or specific applications at various times of
+the day and on specific days or over various terminal lines. This module can be
+configured to deny access to (individual) users based on their name, the time
+of day, the day of week, the service they are applying for and their terminal
+from which they are making their request.
-The pam_time module is intended to offer a configurable module that
-satisfies this purpose, within the context of Linux-PAM.
+By default rules for time/port access are taken from config file /etc/security/
+time.conf.
-2. the /etc/security/time.conf file
-===================================
+EXAMPLES
-This file is the configuration script for defining time/port access
-control to the system/applications.
+These are some example lines which might be specified in /etc/security/
+time.conf.
-Its syntax is described in the sample ./time.conf provided in this
-directory.
+All users except for root are denied access to console-login at all times:
+
+login ; tty* & !ttyp* ; !root ; !Al0000-2400
+
+
+Games (configured to use PAM) are only to be accessed out of working hours.
+This rule does not apply to the user waster:
+
+
+games ; * ; !waster ; Wd0000-2400 | Wk1800-0800
-unrecognised rules are ignored (but an error is logged to syslog(3))
---------------------
-Bugs to Andrew <morgan@parc.power.net> or the list <pam-list@redhat.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-23 14:10:04 +0000