{"id":4934,"date":"2015-07-22T09:07:43","date_gmt":"2015-07-22T01:07:43","guid":{"rendered":"http:\/\/rmohan.com\/?p=4934"},"modified":"2015-07-22T09:07:43","modified_gmt":"2015-07-22T01:07:43","slug":"how-to-set-accessrestrictions-on-users-logins","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=4934","title":{"rendered":"How to set Access\/Restrictions on users logins"},"content":{"rendered":"<p><strong>Time Based Restrictions <\/strong><br \/>\nThese examples will limit the login times of certain users. See \/etc\/security\/time.conf for more information\/examples. In order to place time restrictions on user logins, the following must be placed in \/etc\/pam.d\/login:<\/p>\n<p>account    required    \/lib\/security\/pam_time.so<\/p>\n<p>The remaining lines should be placed in \/etc\/security\/time.conf.<\/p>\n<p>1. Only allow user mohan to login during on weekdays between 7 am and 5 pm.<\/p>\n<p>      login;*;mohan;Wd0700-1700<\/p>\n<p>2. Allow users A &#038; B to login on all days between 8 am and 5 pm except for Sunday.<\/p>\n<p>      login;*;A|B;AlSu0800-1700<\/p>\n<p>If a day is specified more than once, it is unset. So in the above example, Sunday is specified twice (Al = All days, Su = Sunday). This causes it to be unset, so this rule applies to all days except Sunday.<\/p>\n<p><strong>Access Based Restrictions<\/strong><br \/>\n\/etc\/security\/access.conf can be used to restrict access by terminal or host. The following must be placed in \/etc\/pam.d\/login in order for these examples to work:<\/p>\n<p>account    required   \/lib\/security\/pam_access.so<\/p>\n<p>1. Deny mohan login access on all terminals except for tty1:<\/p>\n<p>      -:mohan:ALL EXCEPT tty1<\/p>\n<p>2. Users in the group operator are only allowed to login from a local terminal:<\/p>\n<p>      -:operator:ALL EXCEPT LOCAL<\/p>\n<p>3. Allow user A to only login from a trusted server:<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Time Based Restrictions These examples will limit the login times of certain users. See \/etc\/security\/time.conf for more information\/examples. In order to place time restrictions on user logins, the following must be placed in \/etc\/pam.d\/login:<\/p>\n<p>account required \/lib\/security\/pam_time.so<\/p>\n<p>The remaining lines should be placed in \/etc\/security\/time.conf.<\/p>\n<p>1. Only allow user mohan to login during on weekdays [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,4],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/4934"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4934"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/4934\/revisions"}],"predecessor-version":[{"id":4935,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/4934\/revisions\/4935"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4934"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4934"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4934"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}