# Sample login.conf - login class capabilities database. # To speed up access to this data, you can use /bin/cap_mkdb # to create a database form of this file: # # cap_mkdb /etc/login.conf # # Don't forget to do this after each edit as well! # # This file controls resource limits, accounting limits and # default user environment settings. # # $FreeBSD: head/etc/login.conf 21673 1997-01-14 07:20:47Z jkh $ # # Authentication methods auth-defaults:\ :auth=krb_skey_or_passwd,passwd,kerberos,skey: auth-root-defaults:\ :auth-login=krb_skey_or_passwd,passwd,kerberos,skey:\ :auth-rlogin=krb_or_skey,kerberos,skey:\ auth-ftp-defaults:\ :auth=skey_or_pwd,passwd,skey: # Example defaults # These settings are used by login(1) by default for classless users # Note that entries like "cputime" set both "cputime-cur" and "cputime-max" default:\ :cputime=infinity:\ :coredumpsize=infinity:\ :datasize=16M:\ :filesize=infinity:\ :maxproc=64:\ :memorylocked=10M:\ :memoryuse=30M:\ :openfiles=64:\ :priority=0:\ :requirehome:\ :stacksize=2M:\ :term=dumb:\ :umask=022:\ :rc=auth-defaults: # # standard - standard user defaults # standard:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$ BLOCKSIZE=K EDITOR=/usr/bin/ee:\ :path=~/bin /bin /usr/bin /usr/local/bin:\ :manpath=/usr/share/man /usr/local/man:\ :nologin=/etc/nologin:\ :coredumpsize=8M:\ :cputime=1h30m:\ :datasize=8M:\ :stacksize=2M:\ :filesize=8M:\ :memorylocked=4M:\ :memoryuse=8M:\ :openfiles=24:\ :maxproc=32:\ :priority=0:\ :requirehome:\ :umask=002:\ :ignoretime@:\ :tc=default: # # users of X (needs more resources!) # xuser:\ :manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\ :cputime=4M:\ :stacksize=4M:\ :filesize=8M:\ :memoryuse=12M:\ :openfiles=32:\ :maxproc=48:\ :tc=standard: # # Staff users - few restrictions and allow login anytime # display staff motd # staff:\ :welcome=/etc/motd-staff:\ :ignorenologin:\ :ignoretime:\ :requirehome@:\ :accounted@:\ :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ :umask=022:\ :tc=standard: # # root - fallback for root logins # root:\ :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ :umask=022:\ :tc=auth-root-defaults:\ :tc=staff: # # Settings used by /etc/rc # daemon:\ :cputime=unlimited:\ :filesize=64M:\ :datasize=32M:\ :stacksize=32M:\ :coredumpsize=0:\ :memoryuse=64M:\ :memorylocked=64M:\ :maxproc=32:\ :openfiles=256:\ :tc=default: # # Settings used by news subsystem daemons # news:\ :cputime=unlimited:\ :filesize=128:\ :datasize=64M:\ :stacksize=32M:\ :coredumpsize=0:\ :maxmemorysize=128M:\ :lockedmemory=32M:\ :maxproc=128:\ :openfiles=256:\ :tc=default:\ # # The dialer class should be used for a dialup PPP/SLIP accounts # Welcome messages/news suppressed and a special shell selector # dialer:\ :hushlogin:\ :requirehome@:\ :shell=/usr/sbin/userls:\ :cputime=unlimited:\ :filesize=2M:\ :datasize=2M:\ :stacksize=4M:\ :coredumpsize=0:\ :memoryuse=4M:\ :memorylocked=1M:\ :maxproc=16:\ :openfiles=32:\ :tc=standard: # # Site full-time 24/7 PPP/SLIP connections # - no time accounting, restricted to access via dialin lines # site:\ :ignoretime:\ :passwordperiod@:\ :refreshtime@:\ :refreshperiod@:\ :sessionlimit@:\ :autodelete@:\ :expireperiod@:\ :graceexpire@:\ ;gracetime@:\ :warnexpire@:\ :warnpassword@:\ :idletime@:\ :sessiontime@:\ :daytime@:\ :weektime@:\ :monthtime@:\ :warntime@:\ :tty.allow=dialin:\ :tty.deny=:\ :host.allow=:\ :host.deny=:\ :accounted@: :tc=dialer:\ :tc=staff: # # Example standard accounting entries for subscriber levels # subscriber|Subscribers:\ :accounted:\ :passwordperiod=90d:\ :refreshtime=180d:\ :refreshperiod@:\ :sessionlimit@:\ :autodelete=30d:\ :expireperiod=180d:\ :graceexpire=7d:\ :gracetime=10m:\ :warnexpire=7d:\ :warnpassword=7d:\ :idletime=30m:\ :sessiontime=4h:\ :daytime=6h:\ :weektime=40h:\ :monthtime=120h:\ :warntime=4h:\ :tty.allow=dialin,pty,vt:\ :tty.deny=:\ :times.allow=Any0000-2400:\ :times.deny=Mo0900-1200,Fr2120-2130:\ :tc=standard: # # Subscriber accounts. These accounts have their login times # accounted and have access limits applied. # Userls is a user shell selector - do not use these classes without it! # subppp|Dual PPP/SLIP Subscriber Accounts:\ :shell=/usr/sbin/userls:\ :tc=dialer:\ :tc=subscriber: subslip|Dual PPP/SLIP Subscriber Accounts:\ :shell=/usr/sbin/userls:\ :tc=dialer:\ :tc=subscriber: subshell:Shell Subscriber Accounts:\ :tc=subscriber: