- pam_timestamp_check [-k] [-d] [target_user]
- Instead of checking the validity of a timestamp, remove it. This is analogous to sudo's -k option.
- Instead of returning validity using an exit status, loop indefinitely, polling regularly and printing the status on standard output.
- By default pam_timestamp_check checks or removes timestamps generated by pam_timestamp when the user authenticates as herself. When the user authenticates as a different user, the name of the timestamp file changes to accommodate this. target_user allows to specify this user name.
- The timestamp is valid.
- The binary is not setuid root.
- Invalid invocation.
- User is unknown.
- Permissions error.
- Invalid controlling tty.
- Timestamp is not valid.
Users can get confused when they are not always asked for passwords when running a given program. Some users reflexively begin typing information before noticing that it is not being asked for.
auth sufficient pam_timestamp.so verbose auth required pam_unix.so session required pam_unix.so session optional pam_timestamp.so
- timestamp files and directories
pam_tally was written by Nalin Dahyabhai.