login.conf revision 130151
1# login.conf - login class capabilities database. 2# 3# Remember to rebuild the database after each change to this file: 4# 5# cap_mkdb /etc/login.conf 6# 7# This file controls resource limits, accounting limits and 8# default user environment settings. 9# 10# $FreeBSD: head/etc/login.conf 130151 2004-06-06 11:46:29Z schweikh $ 11# 12 13# Default settings effectively disable resource limits, see the 14# examples below for a starting point to enable them. 15 16# defaults 17# These settings are used by login(1) by default for classless users 18# Note that entries like "cputime" set both "cputime-cur" and "cputime-max" 19 20default:\ 21 :passwd_format=md5:\ 22 :copyright=/etc/COPYRIGHT:\ 23 :welcome=/etc/motd:\ 24 :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\ 25 :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/X11R6/bin ~/bin:\ 26 :nologin=/var/run/nologin:\ 27 :cputime=unlimited:\ 28 :datasize=unlimited:\ 29 :stacksize=unlimited:\ 30 :memorylocked=unlimited:\ 31 :memoryuse=unlimited:\ 32 :filesize=unlimited:\ 33 :coredumpsize=unlimited:\ 34 :openfiles=unlimited:\ 35 :maxproc=unlimited:\ 36 :sbsize=unlimited:\ 37 :vmemoryuse=unlimited:\ 38 :priority=0:\ 39 :ignoretime@:\ 40 :umask=022: 41 42 43# 44# A collection of common class names - forward them all to 'default' 45# (login would normally do this anyway, but having a class name 46# here suppresses the diagnostic) 47# 48standard:\ 49 :tc=default: 50xuser:\ 51 :tc=default: 52staff:\ 53 :tc=default: 54daemon:\ 55 :tc=default: 56news:\ 57 :tc=default: 58dialer:\ 59 :tc=default: 60 61# 62# Root can always login 63# 64# N.B. login_getpwclass(3) will use this entry for the root account, 65# in preference to 'default'. 66root:\ 67 :ignorenologin:\ 68 :tc=default: 69 70# 71# Russian Users Accounts. Setup proper environment variables. 72# 73russian|Russian Users Accounts:\ 74 :charset=KOI8-R:\ 75 :lang=ru_RU.KOI8-R:\ 76 :tc=default: 77 78 79###################################################################### 80###################################################################### 81## 82## Example entries 83## 84###################################################################### 85###################################################################### 86 87## Example defaults 88## These settings are used by login(1) by default for classless users 89## Note that entries like "cputime" set both "cputime-cur" and "cputime-max" 90# 91#default:\ 92# :cputime=infinity:\ 93# :datasize-cur=22M:\ 94# :stacksize-cur=8M:\ 95# :memorylocked-cur=10M:\ 96# :memoryuse-cur=30M:\ 97# :filesize=infinity:\ 98# :coredumpsize=infinity:\ 99# :maxproc-cur=64:\ 100# :openfiles-cur=64:\ 101# :priority=0:\ 102# :requirehome@:\ 103# :umask=022:\ 104# :tc=auth-defaults: 105# 106# 107## 108## standard - standard user defaults 109## 110#standard:\ 111# :copyright=/etc/COPYRIGHT:\ 112# :welcome=/etc/motd:\ 113# :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ 114# :path=~/bin /bin /usr/bin /usr/local/bin:\ 115# :manpath=/usr/share/man /usr/local/man:\ 116# :nologin=/var/run/nologin:\ 117# :cputime=1h30m:\ 118# :datasize=8M:\ 119# :vmemoryuse=100M:\ 120# :stacksize=2M:\ 121# :memorylocked=4M:\ 122# :memoryuse=8M:\ 123# :filesize=8M:\ 124# :coredumpsize=8M:\ 125# :openfiles=24:\ 126# :maxproc=32:\ 127# :priority=0:\ 128# :requirehome:\ 129# :passwordtime=90d:\ 130# :umask=002:\ 131# :ignoretime@:\ 132# :tc=default: 133# 134# 135## 136## users of X (needs more resources!) 137## 138#xuser:\ 139# :manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\ 140# :cputime=4h:\ 141# :datasize=12M:\ 142# :vmemoryuse=infinity:\ 143# :stacksize=4M:\ 144# :filesize=8M:\ 145# :memoryuse=16M:\ 146# :openfiles=32:\ 147# :maxproc=48:\ 148# :tc=standard: 149# 150# 151## 152## Staff users - few restrictions and allow login anytime 153## 154#staff:\ 155# :ignorenologin:\ 156# :ignoretime:\ 157# :requirehome@:\ 158# :accounted@:\ 159# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ 160# :umask=022:\ 161# :tc=standard: 162# 163# 164## 165## root - fallback for root logins 166## 167#root:\ 168# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ 169# :cputime=infinity:\ 170# :datasize=infinity:\ 171# :stacksize=infinity:\ 172# :memorylocked=infinity:\ 173# :memoryuse=infinity:\ 174# :filesize=infinity:\ 175# :coredumpsize=infinity:\ 176# :openfiles=infinity:\ 177# :maxproc=infinity:\ 178# :memoryuse-cur=32M:\ 179# :maxproc-cur=64:\ 180# :openfiles-cur=1024:\ 181# :priority=0:\ 182# :requirehome@:\ 183# :umask=022:\ 184# :tc=auth-root-defaults: 185# 186# 187## 188## Settings used by /etc/rc 189## 190#daemon:\ 191# :coredumpsize@:\ 192# :coredumpsize-cur=0:\ 193# :datasize=infinity:\ 194# :datasize-cur@:\ 195# :maxproc=512:\ 196# :maxproc-cur@:\ 197# :memoryuse-cur=64M:\ 198# :memorylocked-cur=64M:\ 199# :openfiles=1024:\ 200# :openfiles-cur@:\ 201# :stacksize=16M:\ 202# :stacksize-cur@:\ 203# :tc=default: 204# 205# 206## 207## Settings used by news subsystem 208## 209#news:\ 210# :path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ 211# :cputime=infinity:\ 212# :filesize=128M:\ 213# :datasize-cur=64M:\ 214# :stacksize-cur=32M:\ 215# :coredumpsize-cur=0:\ 216# :maxmemorysize-cur=128M:\ 217# :memorylocked=32M:\ 218# :maxproc=128:\ 219# :openfiles=256:\ 220# :tc=default: 221# 222# 223## 224## The dialer class should be used for a dialup PPP/SLIP accounts 225## Welcome messages/news suppressed 226## 227#dialer:\ 228# :hushlogin:\ 229# :requirehome@:\ 230# :cputime=unlimited:\ 231# :filesize=2M:\ 232# :datasize=2M:\ 233# :stacksize=4M:\ 234# :coredumpsize=0:\ 235# :memoryuse=4M:\ 236# :memorylocked=1M:\ 237# :maxproc=16:\ 238# :openfiles=32:\ 239# :tc=standard: 240# 241# 242## 243## Site full-time 24/7 PPP/SLIP connections 244## - no time accounting, restricted to access via dialin lines 245## 246#site:\ 247# :ignoretime:\ 248# :passwordtime@:\ 249# :refreshtime@:\ 250# :refreshperiod@:\ 251# :sessionlimit@:\ 252# :autodelete@:\ 253# :expireperiod@:\ 254# :graceexpire@:\ 255# :gracetime@:\ 256# :warnexpire@:\ 257# :warnpassword@:\ 258# :idletime@:\ 259# :sessiontime@:\ 260# :daytime@:\ 261# :weektime@:\ 262# :monthtime@:\ 263# :warntime@:\ 264# :accounted@:\ 265# :tc=dialer:\ 266# :tc=staff: 267# 268# 269## 270## Example standard accounting entries for subscriber levels 271## 272# 273#subscriber|Subscribers:\ 274# :accounted:\ 275# :refreshtime=180d:\ 276# :refreshperiod@:\ 277# :sessionlimit@:\ 278# :autodelete=30d:\ 279# :expireperiod=180d:\ 280# :graceexpire=7d:\ 281# :gracetime=10m:\ 282# :warnexpire=7d:\ 283# :warnpassword=7d:\ 284# :idletime=30m:\ 285# :sessiontime=4h:\ 286# :daytime=6h:\ 287# :weektime=40h:\ 288# :monthtime=120h:\ 289# :warntime=4h:\ 290# :tc=standard: 291# 292# 293## 294## Subscriber accounts. These accounts have their login times 295## accounted and have access limits applied. 296## 297#subppp|PPP Subscriber Accounts:\ 298# :tc=dialer:\ 299# :tc=subscriber: 300# 301# 302#subslip|SLIP Subscriber Accounts:\ 303# :tc=dialer:\ 304# :tc=subscriber: 305# 306# 307#subshell|Shell Subscriber Accounts:\ 308# :tc=subscriber: 309# 310## 311## If you want some of the accounts to use traditional UNIX DES based 312## password hashes. 313## 314#des_users:\ 315# :passwd_format=des:\ 316# :tc=default: 317