|
Server : Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17 System : Linux localhost 2.6.18-419.el5 #1 SMP Fri Feb 24 22:47:42 UTC 2017 x86_64 User : nobody ( 99) PHP Version : 5.2.17 Disable Function : NONE Directory : /proc/21573/root/usr/share/doc/pam-0.99.6.2/txts/ |
Upload File : |
This is pam_timestamp, a module for implementing sudo-style authentication timestamps via PAM. Background: sudo [1] provides a means for allowing certain users (by name, or by group membership) to execute a fixed set of commands under a different UID (even root). Additionally, sudo adds the concept of timestamp files, which will allow a user to use commands via sudo, without needing to reenter her password, within a short period after a previous command was run. The authentication service function checks for the existence and validity of the timestamp file, and if a valid timestamp file exists which is less than timestamp_timeout seconds old, succeeds. The session management service creates or updates the timestamp file. This means that in order for a service to use this module, it must perform PAM session management. The module takes these arguments: debug Log debug messages (with priority DEBUG) to syslog. timestampdir The directory in which timestamp files will be stored and checked for. The default setting is "/var/run/sudo". timestamp_timeout The number of seconds which can pass after its creation during which a timestamp is file is considered to be valid. The default setting, which mirrors sudo's, is 600 (five minutes). verbose Attempt to tell the user when access is granted. Nalin Dahyabhai <nalin@redhat.com> [1] http://www.courtesan.com/sudo/