login.conf revision 29731 
1# Sample login.conf - login class capabilities database.
2# To speed up access to this data, you can use /usr/bin/cap_mkdb
3# to create a database form of this file:
4#
5#	cap_mkdb /etc/login.conf
6#
7# Don't forget to do this after each edit as well!
8#
9# This file controls resource limits, accounting limits and
10# default user environment settings.
11#
12#	$Id: login.conf,v 1.13 1997/07/11 22:11:13 guido Exp $
13#
14
15
16# Authentication methods
17
18auth-defaults:\
19	:auth=krb_skey_or_passwd,passwd,kerberos,skey:
20
21auth-root-defaults:\
22	:auth-login=krb_skey_or_passwd,passwd,kerberos,skey:\
23	:auth-rlogin=krb_or_skey,kerberos,skey:\
24
25auth-ftp-defaults:\
26	:auth=skey_or_pwd,passwd,skey:
27
28
29# Example defaults
30# These settings are used by login(1) by default for classless users
31# Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
32
33default:\
34	:cputime=infinity:\
35	:datasize-cur=16M:\
36	:stacksize-cur=8M:\
37	:memorylocked-cur=10M:\
38	:memoryuse-cur=30M:\
39	:filesize=infinity:\
40	:coredumpsize=infinity:\
41	:maxproc-cur=64:\
42	:openfiles-cur=64:\
43	:priority=0:\
44	:requirehome@:\
45	:umask=022:\
46	:tc=auth-defaults:
47
48
49#
50# standard - standard user defaults
51#
52standard:\
53	:copyright=/etc/COPYRIGHT:\
54	:welcome=/etc/motd:\
55	:setenv=MAIL=/var/mail/$,BLOCKSIZE=K,EDITOR=/usr/bin/ee:\
56	:path=~/bin /bin /usr/bin /usr/local/bin:\
57	:manpath=/usr/share/man /usr/local/man:\
58	:nologin=/etc/nologin:\
59	:cputime=1h30m:\
60	:datasize=8M:\
61	:stacksize=2M:\
62	:memorylocked=4M:\
63	:memoryuse=8M:\
64	:filesize=8M:\
65	:coredumpsize=8M:\
66	:openfiles=24:\
67	:maxproc=32:\
68	:priority=0:\
69	:requirehome:\
70	:passwordperiod=90d:\
71	:umask=002:\
72	:ignoretime@:\
73	:tc=default:
74
75
76#
77# users of X (needs more resources!)
78#
79xuser:\
80	:manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\
81	:cputime=4h:\
82	:datasize=12M:\
83	:stacksize=4M:\
84	:filesize=8M:\
85	:memoryuse=16M:\
86	:openfiles=32:\
87	:maxproc=48:\
88	:tc=standard:
89
90
91#
92# Staff users - few restrictions and allow login anytime
93#
94staff:\
95	:ignorenologin:\
96	:ignoretime:\
97	:requirehome@:\
98	:accounted@:\
99	:path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
100	:umask=022:\
101	:tc=standard:
102
103
104#
105# root - fallback for root logins
106#
107root:\
108	:path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
109	:cputime=infinity:\
110	:datasize=infinity:\
111	:stacksize=infinity:\
112	:memorylocked=infinity:\
113	:memoryuse=infinity:\
114	:filesize=infinity:\
115	:coredumpsize=infinity:\
116	:openfiles=infinity:\
117	:maxproc=infinity:\
118	:memoryuse-cur=32M:\
119	:maxproc-cur=64:\
120	:openfiles-cur=1024:\
121	:priority=0:\
122	:requirehome@:\
123	:umask=022:\
124	:tc=auth-root-defaults:\
125
126
127#
128# Settings used by /etc/rc
129#
130daemon:\
131	:coredumpsize=0:\
132	:datasize=infinity:\
133	:datasize-cur@:\
134	:maxproc=256:\
135	:maxproc-cur@:\
136	:memoryuse-cur=64M:\
137	:memorylocked-cur=64M:\
138	:openfiles=1024:\
139	:openfiles-cur@:\
140	:stacksize=16M:\
141	:stacksize-cur@:\
142	:tc=default:
143
144
145#
146# Settings used by news subsystem
147#
148news:\
149	:path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
150	:cputime=infinity:\
151	:filesize=128M:\
152	:datasize-curr=64M:\
153	:stacksize-cur=32M:\
154	:coredumpsize-cur=0:\
155	:maxmemorysize-cur=128M:\
156	:memorylocked=32M:\
157	:maxproc=128:\
158	:openfiles=256:\
159	:tc=default:
160
161
162#
163# The dialer class should be used for a dialup PPP/SLIP accounts
164# Welcome messages/news suppressed
165#
166dialer:\
167	:hushlogin:\
168	:requirehome@:\
169	:cputime=unlimited:\
170	:filesize=2M:\
171	:datasize=2M:\
172	:stacksize=4M:\
173	:coredumpsize=0:\
174	:memoryuse=4M:\
175	:memorylocked=1M:\
176	:maxproc=16:\
177	:openfiles=32:\
178	:tc=standard:
179
180
181#
182# Site full-time 24/7 PPP/SLIP connections
183# - no time accounting, restricted to access via dialin lines
184#
185site:\
186	:ignoretime:\
187	:passwordperiod@:\
188	:refreshtime@:\
189	:refreshperiod@:\
190	:sessionlimit@:\
191	:autodelete@:\
192	:expireperiod@:\
193	:graceexpire@:\
194	:gracetime@:\
195	:warnexpire@:\
196	:warnpassword@:\
197	:idletime@:\
198	:sessiontime@:\
199	:daytime@:\
200	:weektime@:\
201	:monthtime@:\
202	:warntime@:\
203	:accounted@:\
204	:tc=dialer:\
205	:tc=staff:
206
207
208#
209# Example standard accounting entries for subscriber levels
210#
211
212subscriber|Subscribers:\
213	:accounted:\
214	:refreshtime=180d:\
215	:refreshperiod@:\
216	:sessionlimit@:\
217	:autodelete=30d:\
218	:expireperiod=180d:\
219	:graceexpire=7d:\
220	:gracetime=10m:\
221	:warnexpire=7d:\
222	:warnpassword=7d:\
223	:idletime=30m:\
224	:sessiontime=4h:\
225	:daytime=6h:\
226	:weektime=40h:\
227	:monthtime=120h:\
228	:warntime=4h:\
229	:tc=standard:
230
231
232#
233# Subscriber accounts. These accounts have their login times
234# accounted and have access limits applied.
235#
236subppp|PPP Subscriber Accounts:\
237	:tc=dialer:\
238	:tc=subscriber:
239
240
241subslip|SLIP Subscriber Accounts:\
242	:tc=dialer:\
243	:tc=subscriber:
244
245
246subshell:Shell Subscriber Accounts:\
247	:tc=subscriber:
248
249
250#
251# Russian Users Accounts. Setup proper environment variables.
252#
253russian:Russian Users Accounts:\
254	:charset=KOI8-R:\
255	:lang=ru_RU.KOI8-R:\
256	:tc=default:
257