39.2.5. Controlling Access to At and Batch
The
/etc/at.allow
and /etc/at.deny
files can be used to restrict access to the at
and batch
commands. The format of both access control files is one username on each line. Whitespace is not permitted in either file. The at
daemon (atd
) does not have to be restarted if the access control files are modified. The access control files are read each time a user tries to execute the at
or batch
commands.
The root user can always execute
at
and batch
commands, regardless of the access control files.
If the file
at.allow
exists, only users listed in it are allowed to use at
or batch
, and the at.deny
file is ignored.
If
at.allow
does not exist, users listed in at.deny
are not allowed to use at
or batch
.