In a nutshell,
pam_timestamp
caches successful authentication attempts, and allows you to use a recent successful attempt as the basis for authentication. This is similar mechanism which is used in
sudo.
When an application opens a session using
pam_timestamp, a timestamp file is created in the
timestampdir
directory for the user. When an application attempts to authenticate the user, a
pam_timestamp
will treat a sufficiently recent timestamp file as grounds for succeeding.
OPTIONS
timestamp_timeout=number
-
How long should pam_timestamp treat timestamp as valid after their last modification date (in seconds). Default is 300 seconds.
verbose
-
Attempt to inform the user when access is granted.
debug
-
Turns on debugging messages sent to
syslog(3).
MODULE TYPES PROVIDED
The
auth
and
session
module types are provided.
RETURN VALUES
PAM_AUTH_ERR
-
The module was not able to retrieve the user name or no valid timestamp file was found.
PAM_SUCCESS
-
Everything was successful.
PAM_SESSION_ERR
-
Timestamp file could not be created or updated.
NOTES
Users can get confused when they are not always asked for passwords when running a given program. Some users reflexively begin typing information before noticing that it is not being asked for.
EXAMPLES
-
auth sufficient pam_timestamp.so verbose
auth required pam_unix.so
session required pam_unix.so
session optional pam_timestamp.so
FILES
/var/run/sudo/...
-
timestamp files and directories
SEE ALSO
pam_timestamp_check(8),
pam.conf(5),
pam.d(5),
pam(8)
AUTHOR
pam_tally was written by Nalin Dahyabhai.
Index
- NAME
-
- SYNOPSIS
-
- DESCRIPTION
-
- OPTIONS
-
- MODULE TYPES PROVIDED
-
- RETURN VALUES
-
- NOTES
-
- EXAMPLES
-
- FILES
-
- SEE ALSO
-
- AUTHOR
-
This document was created by
man2html,
using the manual pages.
Time: 19:49:31 GMT, April 27, 2011