Unable to make pam_time.so work

Hello all

I am trying to set access restrictions based on time to the users of my computer, ( you know… kids, wife, mother in law, the works;))

The system is OpenSuse 11.0

Although I have set the pam_time.co module in /etc/pam.d/login

((((((((( *********************** ))))))))))
auth requisite pam_nologin.so
auth [user_unknown=ignore success=ok ignore=ignore auth_err=die default=bad] pam_securetty.so
auth include common-auth
account include common-account

password include common-password
session required pam_loginuid.so

session include common-session

session required pam_lastlog.so nowtmp
session required pam_resmgr.so
session optional pam_mail.so standard
session optional pam_ck_connector.so

account required pam_time.so

(((((((((((((( ********************* ))))))))))))))))))

and the entry…

;;test;!Al2100-2300 ----- (for user test to be able to login only between 21:00-23:00)

in time.conf


please help:’(:’(:’(

First, add debug at the end of that pam_time.so line that debug info is logged.

Second, you need to either put the call to pam_time.so in common-account so that all authenticated services use it, or to put it in the file for each service. For instance to deny ssh login, you would edit /etc/pam.d/sshd. For GUI login, it’s probably not /etc/pam.d/login, that’s for the CLI login. It might be xdm.

Pay attention to the note at the top of /etc/pam.d/common-account about the file being automatically generated.

When pam_time.so is actually being called, you should get a line like this in /var/log/messages:

Sep 18 00:01:47 foo sshd[2272]: pam_time(sshd:account): user foo rejected

Dear friend (and honorable wise penguin)

Thanks for the reply but I am a featherless little chick and I would be grateful if you could provide me with a more detailed reply (as with code?:shame:)


PS please forgive the second posting on the same topic but I am new to forums and dont know the prosedures well