usrtime -- System Administration

Times each user is permitted to log in
/etc/usrtime

File /etc/usrtime holds the time, day  of the week, and terminal line  upon
which a given user can log  into your COHERENT system.  Command login reads
it to  see if a user  who is attempting to  log in is doing  at a permitted
time and via a permitted line.   If a user is not named in this file, login
assumes that she can log in at any time, via any line.

usrtime consists of an indefinite  number of lines, each with the following
format:

    users:enable:tty:weekday:time:comment

The following describes each field in detail.

user The login identifiers of the user or users to be restricted.  Multiple
     identifiers  must be  separated by  commas.   Each identifier  must be
     defined in  /etc/passwd. If this  field is empty,  then the line  is a
     default for every user not specifically named elsewhere in usrtime.

     The keywords ALL, UUCP, SLIP, and INTERACTIVE can also be used in this
     field,  to name  categories of  users.  They  are described  in detail
     below.

enable
     Enable or disable the  login (or logins).  NOLOGIN disables the login;
     LOGIN or an empty field enables it.  A range of dates of the form

         yyyymmdd-yyyymmdd

     enables logins  only during those dates.  This  field can contain more
     than one range of dates; if it does, the ranges must be separated by a
     comma.  Prefixing a range of  dates with a `!' disables logins between
     those dates.

tty  This field lists the devices via  which the user (or users) may log in
     -- usually  a tty or  com device.  If  this field names  more than one
     device, they  must be separated by commas.  A  device name can contain
     the wildcard  character `?'; for  details on how  this is interpreted,
     see the  Lexicon entry for wildcards.  If a device is  prefixed with a
     `!', the user  cannot log in on that device.   If this field is empty,
     then the user can log in on all devices.

weekday
     This field  lists the  days of  the week upon  which the the  user (or
     users)  can log  in.  If  more  than one  day is  named, they  must be
     separated  by  commas.  Each  day  is identified  by  the first  three
     letters of  its name.  If a  weekday is prefixed with  a `!', then the
     users cannot  log in on that  day.  If this field  is empty, the users
     can log in on any day of the week.

time This field  gives range of time  during which the user  (or users) may
     log in.  Time is given in the form:

         hhmm-hhmm

     If more  than one range  is named, they  must be separated  by commas.
     Prefixing a range with a `!' forbids the user to log in during between
     those times.  If this field is  empty, then the user can log in during
     any time of the day.

comment
     This  field holds  some commentary, presumably  helpful to  others who
     must read this file.  login ignores this field.

Scope of Entries

A user may be affected by more than entry in this file.  The order in which
the entries appear is significant.

At the  top of the file  should appear the entries  that are being excluded
from restriction.  These should include  such users as bin and daemon, plus
any ordinary  user you wish to exclude from  being restricted.  The entries
for such a users should consist of her (its) name, followed by five colons.
Any user  named in  such an  entry is immune  to any restrictions  that may
appear below in this file.

Next should come the  global restrictions, that is, restrictions for entire
categories of  users.  As  mentioned above, you  can use the  keywords ALL,
UUCP,  SLIP, or  INTERACTIVE to  describe users.   These keywords  have the
following meaning:

ALL  All users.
UUCP All ``users''  who are UUCP  accounts -- i.e.,  whose shell as  set in
     /etc/passwd is /usr/lib/uucp/uucico.
SLIP All ``users'' who are SLIP accounts -- i.e., whose shell is sllogin.
INTERACTIVE
     Users who have  an interactive the interactive shell ksh  or sh set at
     login.

Last should come entries for  individual users or clusters of users.  These
restrictions can be  set in addition to those set  for categories of users.
An entry for an individual users that appears below the global entries will
not loosen the restrictions set globally  for that user; but it can tighten
them.

Note  that  login ignores  any  restrictions set  for  the superuser  root.
Finally login ignores every line that  begins with a `#'.  You can use such
lines to hold comments.

Example

The following gives an example usrtime file:

    # <user>:<enable>:<tty>:<weekday>:<time>:<comment>
    sys,bin,daemon:::::
    INTERACTIVE::/dev/com??,/dev/color?:Mon,Tue,Wed,Thu,Fri:0630-1830:
    UUCP::/dev/com2l:::UUCP accounts
    ::::0800-1700:default for anybody not mentioned below
    fred,anne:LOGIN:/dev/color?::0830-1630:administration
    ivan,marian:LOGIN:/dev/com??:::secretarial staff
    catherine:19930401-19931130::::consultant programmer

See Also

Administering COHERENT,
login

Notes

No line in usrtime can exceed 500 characters.

© 2012 by Stephen A. Ness