Linux command
pam_time 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Enable time-based access
account required pam_time.so
Allow login only during business hours
echo "login ; * ; * ; Wk0800-1700" >> /etc/security/time.conf
Restrict SSH access
echo "sshd ; * ; john ; Wk0000-2400" >> /etc/security/time.conf
Deny console login on weekends
echo "login ; tty* ; !root ; !Wd0000-2400" >> /etc/security/time.conf
说明
pam_time is a PAM module that restricts access to a system and/or specific applications at various times of the day and on specific days of the week. It does not authenticate the user but instead denies or allows access based on time rules defined in /etc/security/time.conf. Rules are evaluated in order. Each rule specifies which services, terminals, and users are affected, along with permitted time windows. The module is typically used as an account type in PAM configuration.
参数
- debug
- Log verbose debugging information via syslog.
- noaudit
- Do not report login denials to the audit subsystem.
FAQ
What is the pam_time command used for?
pam_time is a PAM module that restricts access to a system and/or specific applications at various times of the day and on specific days of the week. It does not authenticate the user but instead denies or allows access based on time rules defined in /etc/security/time.conf. Rules are evaluated in order. Each rule specifies which services, terminals, and users are affected, along with permitted time windows. The module is typically used as an account type in PAM configuration.
How do I run a basic pam_time example?
Run `account required pam_time.so` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does debug do in pam_time?
Log verbose debugging information via syslog.