login.conf man page on NetBSD

Man page or keyword search:  
man Server   9087 pages
apropos Keyword Search (all sections)
Output format
NetBSD logo
[printable version]

LOGIN.CONF(5)		    BSD File Formats Manual		 LOGIN.CONF(5)

NAME
     login.conf — login class capability data base

SYNOPSIS
     login.conf

DESCRIPTION
     The login.conf file describes the various attributes of login classes.  A
     login class determines what styles of authentication are available as
     well as session resource limits and environment setup.  While designed
     primarily for the login(1) program, it is also used by other programs,
     e.g., rexecd(8), which need to set up a user environment.

     The class to be used is normally determined by the class field in the
     password file (see passwd(5)).  The class is used to look up a corre‐
     sponding entry in the login.conf file.  A special class called “default”
     will be used (if it exists) if the field in the password file is empty.

CAPABILITIES
     Refer to getcap(3) for a description of the file layout.  An example
     entry is:

	   classname|Description entry:\
		   :capability=value:\
		   :booleancapability:\
			   ...
		   :lastcapability=value:

     All entries in the login.conf file are either boolean or use a `=' to
     separate the capability from the value.  The types are described after
     the capability table.

     Name	       Type	  Default    Description

     copyright	       file		     File containing additional copy‐
					     right information.	 (If the file
					     exists, login(1) displays it
					     before the welcome message.)

     coredumpsize      size		     Maximum coredump size limit.

     cputime	       time		     CPU usage limit.

     datasize	       size		     Maximum data size limit.

     filesize	       size		     Maximum file size limit.

     host.allow	       string		     A comma-separated list of host
					     name or IP address patterns from
					     which a class is allowed access.
					     Access is instead denied from any
					     hosts preceded by ‘!’.  Patterns
					     can contain the sh(1)-style ‘*’
					     and ‘?’ wildcards.	 The host.deny
					     entry is checked before
					     host.allow.  (Currently used only
					     by sshd(8).)

     host.deny	       string		     A comma-separated list of host
					     name or IP address patterns from
					     which a class is denied access.
					     Patterns as per host.allow,
					     although a matched pattern that
					     has been negated with ‘!’ is
					     ignored.  (Currently used only by
					     sshd(8).)

     hushlogin	       bool	  false	     Same as having a $HOME/.hushlogin
					     file.  See login(1).

     ignorenologin     bool	  false	     Not affected by nologin files.

     login-retries     number	  10	     Maximum number of login attempts
					     allowed.

     login-backoff     number	  3	     Number of login attempts after
					     which to start random back-off.

     maxproc	       number		     Maximum number of processes.

     memorylocked      size		     Maximum locked in core memory
					     size limit.

     memoryuse	       size		     Maximum in core memoryuse size
					     limit.

     minpasswordlen    number		     The minimum length a local pass‐
					     word may be.  Used by the
					     passwd(1) utility.

     nologin	       file		     If the file exists it will be
					     displayed and the login session
					     will be terminated.

     openfiles	       number		     Maximum number of open file
					     descriptors per process.

     passwordtime      time		     Used by passwd(1) to set next
					     password expiry date.

     password-warn     time	  2w	     If the user's password will
					     expire within this length of time
					     then warn the user of this.

     path	       path	  /bin /usr/bin
					     Default search path.

     priority	       number		     Initial priority (nice) level.

     requirehome       bool	  false	     Require home directory to login.

     sbsize	       size		     Maximum socket buffer size limit.

     setenv	       list		     Comma or whitespace separated
					     list of environment variables and
					     values to be set.	Commas and
					     whitespace can be escaped using
					     \\.

     shell	       program		     Session shell to execute rather
					     than the shell specified in the
					     password file.  The SHELL envi‐
					     ronment variable will contain the
					     shell specified in the password
					     file.

     stacksize	       size		     Maximum stack size limit.

     tc		       string		     A "continuation" entry, which
					     must be the last capability pro‐
					     vided.  More capabilities are
					     read from the named entry.	 The
					     capabilities given before tc
					     override those in the entry
					     invoked by tc.

     term	       string	  su	     Default terminal type if not able
					     to determine from other means.

     umask	       number	  022	     Initial umask.  Should always
					     have a leading 0 to assure octal
					     interpretation.  See umask(2).

     welcome	       file	  /etc/motd  File containing welcome message.
					     login(1) displays this and
					     sshd(8) sends this.

     The resource limit entries (coredumpsize, cputime, datasize, filesize,
     maxproc, memorylocked, memoryuse, openfiles, sbsize, and stacksize) actu‐
     ally specify both the maximum and current limits (see getrlimit(2)).  The
     current limit is the one normally used, although the user is permitted to
     increase the current limit to the maximum limit.  The maximum and current
     limits may be specified individually by appending a ‘-max’ or ‘-cur’ to
     the capability name (e.g., openfiles-max and openfiles-cur).

     NetBSD will never define capabilities which start with x- or X-; these
     are reserved for external use (unless included through contributed soft‐
     ware).

     The argument types are defined as:

     bool	If the name is present, then the boolean value is true; other‐
		wise, it is false.

     file	Path name to a text file.

     list	A comma or whitespace separated list of values.

     number	A number.  A leading 0x implies the number is expressed in
		hexadecimal.  A leading 0 implies the number is expressed in
		octal.	Any other number is treated as decimal.

     path	A space separated list of path names.  If a ‘~’ is the first
		character in the path name, the ‘~’ is expanded to the user's
		home directory.

     program	A path name to program.

     size	A number which expresses a size in bytes.  It may have a
		trailing b to multiply the value by 512, a k to multiply the
		value by 1 K (1024), and a m to multiply the value by 1 M
		(1048576).

     time	A time in seconds.  A time may be expressed as a series of
		numbers which are added together.  Each number may have a
		trailing character to represent time units:

		y    Indicates a number of 365 day years.

		w    Indicates a number of 7 day weeks.

		d    Indicates a number of 24 hour days.

		h    Indicates a number of 60 minute hours.

		m    Indicates a number of 60 second minutes.

		s    Indicates a number of seconds.

		For example, to indicate 1 and 1/2 hours, the following string
		could be used: 1h30m.

FILES
     /etc/login.conf	 login class capability database
     /etc/login.conf.db	 hashed database built with cap_mkdb(1)

SEE ALSO
     cap_mkdb(1), login(1), getcap(3), login_cap(3), ttys(5), ftpd(8), sshd(8)

HISTORY
     The login.conf configuration file appeared in NetBSD 1.5.

BSD			       November 18, 2008			   BSD
[top]
                             _         _         _ 
                            | |       | |       | |     
                            | |       | |       | |     
                         __ | | __ __ | | __ __ | | __  
                         \ \| |/ / \ \| |/ / \ \| |/ /  
                          \ \ / /   \ \ / /   \ \ / /   
                           \   /     \   /     \   /    
                            \_/       \_/       \_/ 
More information is available in HTML format for server NetBSD

List of man pages available for NetBSD

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net