[CentOS] pam_time.so and /etc/security/time.conf
James B. Byrne
byrnejb at harte-lyne.ca
Mon Dec 6 21:51:45 UTC 2010
I have done a bit of experimenting and I am confused respecting the
evident behaviour of this module.
If I do this:
sshd;*;*;Wk0700-1500
Then all user ids fail to log in (at the present time). However, if
I add this:
sshd;*;user01;Al0000-24000
sshd:*:*:Wk0700-1500
Then I get the same result for user01. If I do this instead:
sshd:*:*:Wk0700-1500
sshd;*;user01;Al0000-24000
Then I also get the same result for user01; Forced disconnection.
The inference I draw is that the time.conf file is processed until
either a failure or the end of the file is encountered, which then
counts as a success. Is this right? The manual pages and examples
give no hint that this is what happens. They state in fact that
sshd;*;user01;Al0000-24000 should always let user01 login. And that
clearly does not happen.
Is there something that I am doing wrong here?
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
More information about the CentOS
mailing list