I built a zero-config, 2FA-secured Screen Time Manager for Linux 🐧
Posted by ibn-Yusrat@reddit | linuxadmin | View on Reddit | 27 comments
Hey guys!
So now that almost all games run pretty much perfectly on Linux, thanks to the incredible progress with Steam/Proton and the Heroic Launcher, our family finally made the jump. We shifted our main gaming rig from Windows to Linux (running Linux Mint for now) and haven't looked back.
However, I quickly ran into a major issue: the lack of robust parental controls. Most existing tools are either abandoned or incredibly easy for a clever kid to bypass by just changing the BIOS clock. I missed the "set it and forget it" nature of Microsoft Family Safety, so I decided to build a Linux-native alternative.
Meet Linux Family Time Manager.
It’s an open-source, system-level solution designed to give parents airtight control over login windows and active sessions without the "jank."
Main Features:
- 🛡️ Airtight PAM Enforcement: It hooks directly into pam_exec.so. It doesn't just "lock" the screen; it blocks the login at the system level before the desktop environment even loads.
- 🔒 2FA Authorization: No more shared passwords. Every time extension or schedule change requires a 6-digit TOTP code from your phone (Google Authenticator, Authy, etc.).
- 🧹 Active Session Sweeping: If the kids are mid-game when their time expires, a background daemon sends a desktop notification and then terminates the session via loginctl.
- ⏱️ Anti-Cheat Logic: It forces the GUI to wait for a verified Network Time Protocol (NTP) sync before allowing logins, preventing bypasses via hardware clock modification.
- 📱 Remote Web Dashboard: A mobile-friendly Flask web portal allows you to grant "+1 Hour" or "+15 Mins" bonus time instantly from your own phone/laptop.
It's built with Python, Flask, and shell scripts. Currently tested and working great on Linux Mint, Ubuntu, Debian, and Arch.
Check it out here: https://github.com/ibnYusrat/linux-user-time-manager
I'd love to hear your feedback, especially from other parents who have made the switch to Linux gaming!
ciphermenial@reddit
Imagine if the state put this kind of control on you. What does this teach your kids? I will never understand this form of parenting. Parenting by control is gross to me.
ibn-Yusrat@reddit (OP)
Like you would let them play games for 24 hours non stop and then sleep for the next 24 hours?
ciphermenial@reddit
I communicate with them about it. I have teenagers. I have never had to control or prohibit them.
ibn-Yusrat@reddit (OP)
You have teenagers and you sit and talk to them that they need to have a decipline about using computers, and they realize that they were wasting their time, and get up from games everyday on the dot and focus on studies.
Right?
ciphermenial@reddit
No. I talk to them like humans with the ability to reason. They still make bad choices at times but because they have had to moderate themselves they are sensible. I have consistently discussed self-control and moderation with them from a young age.
ibn-Yusrat@reddit (OP)
Humans have ability to reason, but someone who understands basic human behaviour also understands that humans don't just have the ability to reason. They have a much stronger ability to feel emotion. That that emotion is in control in all humans, which is why the 'self restrain' is something that needs to be taught.
This is more or less basic mundane human behaviour 101.
Emotionas are mostly in control, even more so in children. A parent who thinks my reasoning is going to make them more reasonable than emotional is lacking some basic human behavioural knowledge.
rollingviolation@reddit
I told my teenagers that if they had good grades and weren't coming home in the back of a cop car, I didn't need to micromanage anything. Step 2 was following through when the grades did slip.
st0ut717@reddit
How the hell do you think I learned how to code ?
ibn-Yusrat@reddit (OP)
You did not. But you will one day.
Runnergeek@reddit
This reads like you are an angry teenager who has their phone controlled.
Parental controls are completely reasonable. Obviously you still need to be involved and aware of what your kid is doing. Using tools to make it easier to manage completely fine and normal
ciphermenial@reddit
Adult with teenage kids. You can view your kids usage without banning and controlling.
Runnergeek@reddit
Sure but kids are sneaky and using tools to help parent is totally OK and reasonable
st0ut717@reddit
1 you vibe coded this. 2 because you vibe coded this you don’t understand the security issues of vibe code.
3 Linux has quotas. You don’t understand basic system administration 4 you don’t let your kids explore computer and only want them to able to be users not engineers 5 the you choose control of choice
ibn-Yusrat@reddit (OP)
There is a difference between "vibe coding" and using an LLM to generate code. Obviously someone who is not an engineer doens't know the difference but trust me, there is.
After 2 decades of programming, I almost never had to write code for the last 6 years anyway. But I did have to review code very single day. How does it matter where the code is coming from? A junior engineer or an LLM? It doesn't matter. Its a moronic argument. Every piece of code has to be reviewed. Why would I remove comments from a file to make it look hand written? Any engineer who has to make things today and starts writing by hand would be wasting a ton of time. But generating smaller chunks of code, reviewing them, and then approving them is technically not even vibe coding.
The guy who coined the term specifically linked it to not looking at the code at all. And this is not even a big project. If you look the time you took to write this comment to look at the code, you would have probably understood what was going on in there because of show short and small the codebase itself is.
ibn-Yusrat@reddit (OP)
No.
Pendaz@reddit
Just wow…
I got ai to build something neither of us fully understand and now I’m making it available to the public blissfully unaware of all of the vulnerabilities and security issues included within…
Yeah hard pass thanks
ibn-Yusrat@reddit (OP)
Neither of us? you don't understand it. This is an extremely basic and simple app. It has hard 3 or 4 files. none of them are long enough to be unfathomable. The process is extremely simple. The place where we are tapping is extremely straight forward. Even after the full understanding there could be issues, but heck that is true for every single piece of code you have ever imagined, including the linux's kernel itself.
How can a person who writes code think a piece of code is 100% secure? And if you waited for something to be 100% secure, today you wonuldn't have the linux's kernel itself. Its such a flimsy and weak argument.
ibn-Yusrat@reddit (OP)
Did you come across any security issue?
derprondo@reddit
"AI BAD!"
Guarantee the parent commenter didn't even look at your code, this isn't some 200k line vibecoded web app. It's actually pretty clean and simple from what I see.
Vuiz@reddit
I did, and there's a ton of AI-style comments, some removed in commits after the initial one. As someone who writes a bit of code every now and then, and do use AI for writing simple scripts - That style of comments is 100% AI.
derprondo@reddit
Sorry I didn’t claim it wasn’t AI, just that the implementation here is clean and not bullshit spaghetti.
ibn-Yusrat@reddit (OP)
Yea I could tell that. Because real engineers are generally not trolls. An Engineer would have known the struggles. Also real engineers almost always have a little bit of imposter syndrom which makes it even more difficult to be a troll so.. yea. I could tell that part form experience.
retro_grave@reddit
lol, the hate is weird. Getting familiar with PAM is cool, and making personal apps is great. More power to you friend.
ibn-Yusrat@reddit (OP)
Its pretty standard (the hate) among incompitent people. Its not that weird. For example a down vote would always come from someone who doesn't know what to add to the conversation.
Runnergeek@reddit
You might look at pam_time to manage the schedule they can login. However what doesn’t really exist natively to my knowledge is to track total time logged in
ibn-Yusrat@reddit (OP)
pam_time looks at time.conf for the time brackets which is what I did as a first attempt. The problem is if I had to modify that time, I had to ssh into the machine and manually change that time. The alternate was a simple python script that would allow me to set time based on my own config and also allow additional time easily. And managing that from the web UI was much easier and it did the job for me.
Runnergeek@reddit
That’s fair. Forcing the network time sync is how I would handle that as well. Using something like sqlite could be used to keep track of total time logged in for a day. I would recommend using systemd timers over cron as well