login(1) [osx man page]
LOGIN(1) BSD General Commands Manual LOGIN(1) NAME
login -- log into the computer SYNOPSIS
login [-pq] [-h hostname] [user] login -f [-lpq] [-h hostname] [user [prog [args...]]] DESCRIPTION
The login utility logs users (and pseudo-users) into the computer system. If no user is specified, or if a user is specified and authentication of the user fails, login prompts for a user name. Authentication of users is configurable via pam(8). Password authentication is the default. The following options are available: -f When a user name is specified, this option indicates that proper authentication has already been done and that no password need be requested. This option may only be used by the super-user or when an already logged in user is logging in as themselves. With the -f option, an alternate program (and any arguments) may be run instead of the user's default shell. The program and argu- ments follows the user name. -h Specify the host from which the connection was received. It is used by various daemons such as telnetd(8). This option may only be used by the super-user. -l Tells the program executed by login that this is not a login session (by convention, a login session is signalled to the program with a hyphen as the first character of argv[0]; this option disables that), and prevents it from chdir(2)ing to the user's home direc- tory. The default is to add the hyphen (this is a login session). -p By default, login discards any previous environment. The -p option disables this behavior. -q This forces quiet logins, as if a .hushlogin is present. If the file /etc/nologin exists, login dislays its contents to the user and exits. This is used by shutdown(8) to prevent users from logging in when the system is about to go down. Immediately after logging a user in, login displays the system copyright notice, the date and time the user last logged in, the message of the day as well as other information. If the file .hushlogin exists in the user's home directory, all of these messages are suppressed. -q is specified, all of these messages are suppressed. This is to simplify logins for non-human users, such as uucp(1). login then records an entry in utmpx(5) and the like, and executes the user's command interpreter (or the program specified on the command line if -f is speci- fied). The login utility enters information into the environment (see environ(7)) specifying the user's home directory (HOME), command interpreter (SHELL), search path (PATH), terminal type (TERM) and user name (both LOGNAME and USER). Some shells may provide a builtin login command which is similar or identical to this utility. Consult the builtin(1) manual page. The login utility will submit an audit record when login succeeds or fails. Failure to determine the current auditing state will result in an error exit from login. FILES
/etc/motd message-of-the-day /etc/nologin disallows logins /var/run/utmpx current logins /var/mail/user system mailboxes .hushlogin makes login quieter /etc/pam.d/login pam(8) configuration file /etc/security/audit_user user flags for auditing /etc/security/audit_control global flags for auditing SEE ALSO
builtin(1), chpass(1), newgrp(1), passwd(1), rlogin(1), getpass(3), utmpx(5), environ(7) HISTORY
A login utility appeared in Version 6 AT&T UNIX. BSD
September 13, 2006 BSD
Check Out this Related Man Page
LOGIN(1) BSD General Commands Manual LOGIN(1) NAME
login -- authenticate users and set up their session environment SYNOPSIS
login [-Ffps] [-a address] [-h hostname] [user] DESCRIPTION
The login utility logs users (and pseudo-users) into the computer system. If no user is specified, or if a user is specified and authentication of the user fails, login prompts for a user name. Authentication of users is done via passwords. If the user can be authenticated via S/Key, then the S/Key challenge is incorporated in the password prompt. The user then has the option of entering their Kerberos or normal password or the S/Key response. Neither will be echoed. The options are as follows: -a The -a option specifies the address of the host from which the connection was received. It is used by various daemons such as telnetd(8). This option may only be used by the super-user. -F The -F option acts like the -f option, but also indicates to login that it should attempt to rewrite an existing Kerberos 5 creden- tials cache (specified by the KRB5CCNAME environment variable) after dropping permissions to the user logging in. This flag is not supported under pam(8). -f The -f option is used when a user name is specified to indicate that proper authentication has already been done and that no password need be requested. This option may only be used by the super-user or when an already logged in user is logging in as themselves. -h The -h option specifies the host from which the connection was received. It is used by various daemons such as telnetd(8). This option may only be used by the super-user. -p By default, login discards any previous environment. The -p option disables this behavior. -s Require a secure authentication mechanism like Kerberos or S/Key to be used. This flag is not supported under pam(8). If a user other than the superuser attempts to login while the file /etc/nologin exists, login displays its contents to the user and exits. This is used by shutdown(8) to prevent normal users from logging in when the system is about to go down. Immediately after logging a user in, login displays the system copyright notice, the date and time the user last logged in, the message of the day as well as other information. If the file ``.hushlogin'' exists in the user's home directory, all of these messages are suppressed. This is to simplify logins for non-human users. login then records an entry in the wtmp(5) and utmp(5) files, executes site-specific login commands via the ttyaction(3) facility with an action of "login", and executes the user's command interpreter. login enters information into the environment (see environ(7)) specifying the user's home directory (HOME), command interpreter (SHELL), search path (PATH), terminal type (TERM) and user name (both LOGNAME and USER). The user's login experience can be customized using login class capabilities as configured in /etc/login.conf and documented in login.conf(5). The standard shells, csh(1) and sh(1), do not fork before executing the login utility. FILES
/etc/login.conf login class capability database /etc/motd message-of-the-day /etc/nologin disallows non-superuser logins /var/run/utmp list of current logins /var/log/lastlog last login account records /var/log/wtmp login account records /var/mail/user system mailboxes .hushlogin makes login quieter SEE ALSO
chpass(1), newgrp(1), passwd(1), rlogin(1), skey(1), getpass(3), ttyaction(3), login.conf(5), passwd.conf(5), utmp(5), environ(7), kerberos(8), pam(8) HISTORY
A login appeared in Version 6 AT&T UNIX. TRADEMARKS AND PATENTS
S/Key is a trademark of Bellcore. BSD
November 19, 2008 BSD