xref: /freebsd-9.3-release/etc/login.conf

# Sample login.conf - login class capabilities database.
# To speed up access to this data, you can use /bin/cap_mkdb
# to create a database form of this file:
#
#	cap_mkdb /etc/login.conf
#
# Don't forget to do this after each edit as well!
#
# This file controls resource limits, accounting limits and
# default user environment settings.
#
#	$Id$
#


# Authentication methods

auth-defaults:\
	:auth=krb_skey_or_passwd,passwd,kerberos,skey:

auth-root-defaults:\
	:auth-login=krb_skey_or_passwd,passwd,kerberos,skey:\
	:auth-rlogin=krb_or_skey,kerberos,skey:\

auth-ftp-defaults:\
	:auth=skey_or_pwd,passwd,skey:


# Example defaults
# These settings are used by login(1) by default for classless users
# Note that entries like "cputime" set both "cputime-cur" and "cputime-max"

default:\
	:cputime=infinity:\
	:datasize-cur=16M:\
	:stacksize-cur=8M:\
	:memorylocked-cur=10M:\
	:memoryuse-cur=30M:\
	:filesize=infinity:\
	:coredumpsize=infinity:\
	:maxproc-cur=64:\
	:openfiles-cur=64:\
	:priority=0:\
	:requirehome:\
	:term=dumb:\
	:umask=022:\
	:rc=auth-defaults:


#
# standard - standard user defaults
#
standard:\
	:copyright=/etc/COPYRIGHT:\
	:welcome=/etc/motd:\
	:setenv=MAIL=/var/mail/$,BLOCKSIZE=K,EDITOR=/usr/bin/ee:\
	:path=~/bin /bin /usr/bin /usr/local/bin:\
	:manpath=/usr/share/man /usr/local/man:\
	:nologin=/etc/nologin:\
	:cputime=1h30m:\
	:datasize=8M:\
	:stacksize=2M:\
	:memorylocked=4M:\
	:memoryuse=8M:\
	:filesize=8M:\
	:coredumpsize=8M:\
	:openfiles=24:\
	:maxproc=32:\
	:priority=0:\
	:requirehome:\
	:passwordperiod=90d:\
	:umask=002:\
	:ignoretime@:\
	:tc=default:


#
# users of X (needs more resources!)
#
xuser:\
	:manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\
	:cputime=4h:\
	:datasize=12M:\
	:stacksize=4M:\
	:filesize=8M:\
	:memoryuse=16M:\
	:openfiles=32:\
	:maxproc=48:\
	:tc=standard:


#
# Staff users - few restrictions and allow login anytime
#
staff:\
	:ignorenologin:\
	:ignoretime:\
	:requirehome@:\
	:accounted@:\
	:path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
	:umask=022:\
	:tc=standard:


#
# root - fallback for root logins
#
root:\
	:path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
	:cputime=infinity:\
	:datasize=infinity:\
	:stacksize=infinity:\
	:memorylocked=infinity:\
	:memoryuse=infinity:\
	:filesize=infinity:\
	:coredumpsize=infinity:\
	:openfiles=infinity:\
	:maxproc=infinity:\
	:memoryuse-cur=32M:\
	:maxproc-cur=64:\
	:openfiles-cur=256:\
	:priority=0:\
	:requirehome@:\
	:umask=022:\
	:tc=auth-root-defaults:\


#
# Settings used by /etc/rc
#
daemon:\
	:cputime=infinity:\
	:filesize=64M:\
	:datasize=32M:\
	:stacksize=16M:\
	:coredumpsize=0:\
	:memoryuse-cur=64M:\
	:memorylocked-cur=64M:\
	:maxproc=32:\
	:openfiles=256:\
	:tc=default:


#
# Settings used by news subsystem
#
news:\
	:path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
	:cputime=infinity:\
	:filesize=128M:\
	:datasize-curr=64M:\
	:stacksize-cur=32M:\
	:coredumpsize-cur=0:\
	:maxmemorysize-cur=128M:\
	:memorylocked=32M:\
	:maxproc=128:\
	:openfiles=256:\
	:tc=default:


#
# The dialer class should be used for a dialup PPP/SLIP accounts
# Welcome messages/news suppressed
#
dialer:\
	:hushlogin:\
	:requirehome@:\
	:cputime=unlimited:\
	:filesize=2M:\
	:datasize=2M:\
	:stacksize=4M:\
	:coredumpsize=0:\
	:memoryuse=4M:\
	:memorylocked=1M:\
	:maxproc=16:\
	:openfiles=32:\
	:tc=standard:


#
# Site full-time 24/7 PPP/SLIP connections
# - no time accounting, restricted to access via dialin lines
#
site:\
	:ignoretime:\
	:passwordperiod@:\
	:refreshtime@:\
	:refreshperiod@:\
	:sessionlimit@:\
	:autodelete@:\
	:expireperiod@:\
	:graceexpire@:\
	;gracetime@:\
	:warnexpire@:\
	:warnpassword@:\
	:idletime@:\
	:sessiontime@:\
	:daytime@:\
	:weektime@:\
	:monthtime@:\
	:warntime@:\
	:accounted@:\
	:tc=dialer:\
	:tc=staff:


#
# Example standard accounting entries for subscriber levels
#

subscriber|Subscribers:\
	:accounted:\
	:refreshtime=180d:\
	:refreshperiod@:\
	:sessionlimit@:\
	:autodelete=30d:\
	:expireperiod=180d:\
	:graceexpire=7d:\
	:gracetime=10m:\
	:warnexpire=7d:\
	:warnpassword=7d:\
	:idletime=30m:\
	:sessiontime=4h:\
	:daytime=6h:\
	:weektime=40h:\
	:monthtime=120h:\
	:warntime=4h:\
	:tc=standard:


#
# Subscriber accounts. These accounts have their login times
# accounted and have access limits applied.
#
subppp|PPP Subscriber Accounts:\
	:tc=dialer:\
	:tc=subscriber:


subslip|SLIP Subscriber Accounts:\
	:tc=dialer:\
	:tc=subscriber:


subshell:Shell Subscriber Accounts:\
	:tc=subscriber: