27.2.7. Controlling Access to At and Batch
You can restrict the access to the
at
and batch
commands using the /etc/at.allow
and /etc/at.deny
files. These access control files use the same format defining one user name on each line. Mind that no whitespace are permitted in either file.
If the file
at.allow
exists, only users listed in the file are allowed to use at
or batch
, and the at.deny
file is ignored.
If
at.allow
does not exist, users listed in at.deny
are not allowed to use at
or batch
.
The
at
daemon (atd
) does not have to be restarted if the access control files are modified. The access control files are read each time a user tries to execute the at
or batch
commands.
The root user can always execute
at
and batch
commands, regardless of the content of the access control files.