pam_timestamp_check 8 Linux-PAM Manual pam_timestamp_check Check to see if the default timestamp is valid pam_timestamp_check -k -d target_user With no arguments pam_timestamp_check will check to see if the default timestamp is valid, or optionally remove it. -k Instead of checking the validity of a timestamp, remove it. This is analogous to sudo's -k option. -d Instead of returning validity using an exit status, loop indefinitely, polling regularly and printing the status on standard output. target_user By default pam_timestamp_check checks or removes timestamps generated by pam_timestamp when the user authenticates as herself. When the user authenticates as a different user, the name of the timestamp file changes to accommodate this. target_user allows to specify this user name. 0 The timestamp is valid. 2 The binary is not setuid root. 3 Invalid invocation. 4 User is unknown. 5 Permissions error. 6 Invalid controlling tty. 7 Timestamp is not valid. Users can get confused when they are not always asked for passwords when running a given program. Some users reflexively begin typing information before noticing that it is not being asked for. auth sufficient pam_timestamp.so verbose auth required pam_unix.so session required pam_unix.so session optional pam_timestamp.so /var/run/sudo/... timestamp files and directories pam_timestamp_check8 , pam.conf5 , pam.d5 , pam8 pam_tally was written by Nalin Dahyabhai.