timeoutd - Enforce idle and session time restrictions
/usr/sbin/timeoutd [ user tty ]
timeoutd enforces the time restrictions specified in /etc/timeouts.
When invoked in daemon mode (without any parameters) timeoutd
backgrounds itself, then scans /var/run/utmp every minute and checks
/etc/timeouts for an entry which matches that user, based on:
- The current day and time
- The tty that the user is currently logged in on
- The user’s login ID
- Any primary or secondary groups the user is in
If a match is found, the limits specified for that entry are enforced
by sending a SIGHUP (Hangup signal) to the user’s login process,
followed after 5 seconds by a SIGKILL (Sure kill signal) to ensure the
user is logged out.
Where possible, timeoutd will send a warning to the user every minute
for 5 minutes (or other time specified in /etc/timeouts) before logging
them out. Warnings are not sent for exceeded idle limits, as this
would count as activity on the terminal.
Timeoutd currently allows limits to be set on idle time as well as
amount of time logged in per session and per day.
When calculating idle time, any activity on the terminal, either
incoming (such as typing) or outgoing (such as information displayed on
the screen) is counted as activity. This is to prevent log-offs during
Under Linux, timeoutd detects when a serial line is in SLIP mode and
disables idle time limit checking (as the last read/write times for the
tty are not updated).
Debug information, error messages and notification of users who have
been timed out are all recorded via syslog (facility=DAEMON).
timeoutd can also be invoked by login to check whether a user is
allowed to login at that time, or whether they have exceeded their
daily time limit. When invoked in this way, by passing a username and
tty (without the leading /dev) on the command line, timeoutd returns
one of the following exit codes:
0 User is allowed to login
1 Fatal error
5 Incorrect command line format
10 User has exceeded maximum daily connect time
20 User not permitted to login at this time on this tty
30 Internal error checking user name (probably invalid user name)
/etc/timeouts - lists valid login times and idle/session time
/var/run/utmp - current login sessions
/var/log/wtmp - for calculating total logged in time for current day
Sessions which end in the current day but started before midnight will
not be considered when calculating total daily logged in time for a
user on that day. This will not, however, affect checking of the
session limit, which should limit such problems. It does mean that a
user could conceivably exceed their maximum daily time by one extra
session if they log on just before midnight.
Orginally written by Shane Alderton <firstname.lastname@example.org>, updated by
Dennis Stampfer <email@example.com>.