👤
Home Man
Search
Today's Posts
Register

Linux & Unix Commands - Search Man Pages
Man Page or Keyword Search:
Select Section of Man Page:
Select Man Page Repository:

NetBSD 6.1.5 - man page for login.conf (netbsd section 5)

LOGIN.CONF(5)			     BSD File Formats Manual			    LOGIN.CONF(5)

NAME
     login.conf -- login class capability data base

SYNOPSIS
     login.conf

DESCRIPTION
     The login.conf file describes the various attributes of login classes.  A login class deter-
     mines what styles of authentication are available as well as session resource limits and
     environment setup.  While designed primarily for the login(1) program, it is also used by
     other programs, e.g., rexecd(8), which need to set up a user environment.

     The class to be used is normally determined by the class field in the password file (see
     passwd(5)).  The class is used to look up a corresponding entry in the login.conf file.  A
     special class called ``default'' will be used (if it exists) if the field in the password
     file is empty.

CAPABILITIES
     Refer to getcap(3) for a description of the file layout.  An example entry is:

	   classname|Description entry:\
		   :capability=value:\
		   :booleancapability:\
			   ...
		   :lastcapability=value:

     All entries in the login.conf file are either boolean or use a `=' to separate the capabil-
     ity from the value.  The types are described after the capability table.

     Name	       Type	  Default    Description

     copyright	       file		     File containing additional copyright information.
					     (If the file exists, login(1) displays it before the
					     welcome message.)

     coredumpsize      size		     Maximum coredump size limit.

     cputime	       time		     CPU usage limit.

     datasize	       size		     Maximum data size limit.

     filesize	       size		     Maximum file size limit.

     host.allow        string		     A comma-separated list of host name or IP address
					     patterns from which a class is allowed access.
					     Access is instead denied from any hosts preceded by
					     '!'.  Patterns can contain the sh(1)-style '*' and
					     '?' wildcards.  The host.deny entry is checked
					     before host.allow.  (Currently used only by
					     sshd(8).)

     host.deny	       string		     A comma-separated list of host name or IP address
					     patterns from which a class is denied access.  Pat-
					     terns as per host.allow, although a matched pattern
					     that has been negated with '!' is ignored.  (Cur-
					     rently used only by sshd(8).)

     hushlogin	       bool	  false      Same as having a $HOME/.hushlogin file.  See
					     login(1).

     ignorenologin     bool	  false      Not affected by nologin files.

     login-retries     number	  10	     Maximum number of login attempts allowed.

     login-backoff     number	  3	     Number of login attempts after which to start random
					     back-off.

     maxproc	       number		     Maximum number of processes.

     memorylocked      size		     Maximum locked in core memory size limit.

     memoryuse	       size		     Maximum in core memoryuse size limit.

     minpasswordlen    number		     The minimum length a local password may be.  Used by
					     the passwd(1) utility.

     nologin	       file		     If the file exists it will be displayed and the
					     login session will be terminated.

     openfiles	       number		     Maximum number of open file descriptors per process.

     passwordtime      time		     Used by passwd(1) to set next password expiry date.

     password-warn     time	  2w	     If the user's password will expire within this
					     length of time then warn the user of this.

     path	       path	  /bin /usr/bin
					     Default search path.

     priority	       number		     Initial priority (nice) level.

     requirehome       bool	  false      Require home directory to login.

     sbsize	       size		     Maximum socket buffer size limit.

     setenv	       list		     Comma or whitespace separated list of environment
					     variables and values to be set.  Commas and white-
					     space can be escaped using \\.

     shell	       program		     Session shell to execute rather than the shell spec-
					     ified in the password file.  The SHELL environment
					     variable will contain the shell specified in the
					     password file.

     stacksize	       size		     Maximum stack size limit.

     tc 	       string		     A "continuation" entry, which must be the last capa-
					     bility provided.  More capabilities are read from
					     the named entry.  The capabilities given before tc
					     override those in the entry invoked by tc.

     term	       string	  su	     Default terminal type if not able to determine from
					     other means.

     umask	       number	  022	     Initial umask.  Should always have a leading 0 to
					     assure octal interpretation.  See umask(2).

     welcome	       file	  /etc/motd  File containing welcome message.  login(1) displays
					     this and sshd(8) sends this.

     The resource limit entries (coredumpsize, cputime, datasize, filesize, maxproc,
     memorylocked, memoryuse, openfiles, sbsize, and stacksize) actually specify both the maximum
     and current limits (see getrlimit(2)).  The current limit is the one normally used, although
     the user is permitted to increase the current limit to the maximum limit.	The maximum and
     current limits may be specified individually by appending a '-max' or '-cur' to the capabil-
     ity name (e.g., openfiles-max and openfiles-cur).

     NetBSD will never define capabilities which start with x- or X-; these are reserved for
     external use (unless included through contributed software).

     The argument types are defined as:

     bool	If the name is present, then the boolean value is true; otherwise, it is false.

     file	Path name to a text file.

     list	A comma or whitespace separated list of values.

     number	A number.  A leading 0x implies the number is expressed in hexadecimal.  A lead-
		ing 0 implies the number is expressed in octal.  Any other number is treated as
		decimal.

     path	A space separated list of path names.  If a '~' is the first character in the
		path name, the '~' is expanded to the user's home directory.

     program	A path name to program.

     size	A number which expresses a size in bytes.  It may have a trailing b to multiply
		the value by 512, a k to multiply the value by 1 K (1024), and a m to multiply
		the value by 1 M (1048576).

     time	A time in seconds.  A time may be expressed as a series of numbers which are
		added together.  Each number may have a trailing character to represent time
		units:

		y    Indicates a number of 365 day years.

		w    Indicates a number of 7 day weeks.

		d    Indicates a number of 24 hour days.

		h    Indicates a number of 60 minute hours.

		m    Indicates a number of 60 second minutes.

		s    Indicates a number of seconds.

		For example, to indicate 1 and 1/2 hours, the following string could be used:
		1h30m.

FILES
     /etc/login.conf	 login class capability database
     /etc/login.conf.db  hashed database built with cap_mkdb(1)

SEE ALSO
     cap_mkdb(1), login(1), getcap(3), login_cap(3), ttys(5), ftpd(8), sshd(8)

HISTORY
     The login.conf configuration file appeared in NetBSD 1.5.

BSD					November 18, 2008				      BSD


All times are GMT -4. The time now is 05:17 PM.

Unix & Linux Forums Content Copyrightę1993-2018. All Rights Reserved.
×
UNIX.COM Login
Username:
Password:  
Show Password