How can I limit the login times in linux for certain users?
772
How can I limit the login times in linux for certain users? For example I have to a user that only needs to be enabled from 8am till 5pm? Is there a way of automating this. My environment is a Centos server administered via webmin.
You need to configure one of the PAM subsystem's modules, called "pam_time". It's pretty simple to do by hand, just by editing the text file that controls the module's behavior. I don't know about webmin, specifically—there may be webmin interface option for this, already.
In short, you'll edit the file '/etc/security/time.conf' and add some configuration options that describe what user you want to restrict, and exactly when you want him to be restricted. Since this is a security-related system file, you'll need root privileges in order to make the edit.
Here's an example of the text you'd add to that file, on a set of new lines (quoted directly from the example in the tutorial I link to, below):
"These rules restrict user bobby from logging on between the hours of 0800 and 2000, and they also restrict Internet access during these hours. Root would be able to logon at any time and browse the Internet during all times as well."
The complete pam_time documentation is here, and it explains the rest of the possible config options and controls:
You need to configure one of the PAM subsystem's modules, called "pam_time". It's pretty simple to do by hand, just by editing the text file that controls the module's behavior. I don't know about webmin, specifically—there may be webmin interface option for this, already.
In short, you'll edit the file '/etc/security/time.conf' and add some configuration options that describe what user you want to restrict, and exactly when you want him to be restricted. Since this is a security-related system file, you'll need root privileges in order to make the edit.
Here's an example of the text you'd add to that file, on a set of new lines (quoted directly from the example in the tutorial I link to, below):
"These rules restrict user bobby from logging on between the hours of 0800 and 2000, and they also restrict Internet access during these hours. Root would be able to logon at any time and browse the Internet during all times as well."
The complete pam_time documentation is here, and it explains the rest of the possible config options and controls:
and there is an easy-to-follow tutorial, here, with step by step instructions, where I found the example I quoted, above: