blob: b90ab317aba5d26c1be4588cef8d5fdf80f03e72 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
|
'\" t
.\" Title: pam_timestamp_check
.\" Author: [see the "AUTHOR" section]
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
.\" Date: 05/18/2017
.\" Manual: Linux-PAM Manual
.\" Source: Linux-PAM Manual
.\" Language: English
.\"
.TH "PAM_TIMESTAMP_CHECK" "8" "05/18/2017" "Linux-PAM Manual" "Linux\-PAM Manual"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
pam_timestamp_check \- Check to see if the default timestamp is valid
.SH "SYNOPSIS"
.HP \w'\fBpam_timestamp_check\fR\ 'u
\fBpam_timestamp_check\fR [\-k] [\-d] [\fItarget_user\fR]
.SH "DESCRIPTION"
.PP
With no arguments
\fBpam_timestamp_check\fR
will check to see if the default timestamp is valid, or optionally remove it\&.
.SH "OPTIONS"
.PP
\fB\-k\fR
.RS 4
Instead of checking the validity of a timestamp, remove it\&. This is analogous to sudo\*(Aqs
\fI\-k\fR
option\&.
.RE
.PP
\fB\-d\fR
.RS 4
Instead of returning validity using an exit status, loop indefinitely, polling regularly and printing the status on standard output\&.
.RE
.PP
\fB\fItarget_user\fR\fR
.RS 4
By default
\fBpam_timestamp_check\fR
checks or removes timestamps generated by
\fIpam_timestamp\fR
when the user authenticates as herself\&. When the user authenticates as a different user, the name of the timestamp file changes to accommodate this\&.
\fItarget_user\fR
allows to specify this user name\&.
.RE
.SH "RETURN VALUES"
.PP
0
.RS 4
The timestamp is valid\&.
.RE
.PP
2
.RS 4
The binary is not setuid root\&.
.RE
.PP
3
.RS 4
Invalid invocation\&.
.RE
.PP
4
.RS 4
User is unknown\&.
.RE
.PP
5
.RS 4
Permissions error\&.
.RE
.PP
6
.RS 4
Invalid controlling tty\&.
.RE
.PP
7
.RS 4
Timestamp is not valid\&.
.RE
.SH "NOTES"
.PP
Users can get confused when they are not always asked for passwords when running a given program\&. Some users reflexively begin typing information before noticing that it is not being asked for\&.
.SH "EXAMPLES"
.sp
.if n \{\
.RS 4
.\}
.nf
auth sufficient pam_timestamp\&.so verbose
auth required pam_unix\&.so
session required pam_unix\&.so
session optional pam_timestamp\&.so
.fi
.if n \{\
.RE
.\}
.SH "FILES"
.PP
/var/run/sudo/\&.\&.\&.
.RS 4
timestamp files and directories
.RE
.SH "SEE ALSO"
.PP
\fBpam_timestamp_check\fR(8),
\fBpam.conf\fR(5),
\fBpam.d\fR(5),
\fBpam\fR(8)
.SH "AUTHOR"
.PP
pam_tally was written by Nalin Dahyabhai\&.
|