login.conf revision 48814
1# Sample login.conf - login class capabilities database. 2# To speed up access to this data, you can use /usr/bin/cap_mkdb 3# to create a database form of this file: 4# 5# cap_mkdb /etc/login.conf 6# 7# Don't forget to do this after each edit as well! 8# 9# This file controls resource limits, accounting limits and 10# default user environment settings. 11# 12# $Id: login.conf,v 1.31 1999/05/28 11:07:16 jkh Exp $ 13# 14 15# Default settings effectively disable resource limits, see the 16# examples below for a starting point to enable them. 17 18# defaults 19# These settings are used by login(1) by default for classless users 20# Note that entries like "cputime" set both "cputime-cur" and "cputime-max" 21 22default:\ 23 :copyright=/etc/COPYRIGHT:\ 24 :welcome=/etc/motd:\ 25 :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\ 26 :path=~/bin /bin /usr/bin /usr/local/bin /usr/X11R6/bin:\ 27 :nologin=/var/run/nologin:\ 28 :cputime=unlimited:\ 29 :datasize=unlimited:\ 30 :stacksize=unlimited:\ 31 :memorylocked=unlimited:\ 32 :memoryuse=unlimited:\ 33 :filesize=unlimited:\ 34 :coredumpsize=unlimited:\ 35 :openfiles=unlimited:\ 36 :maxproc=unlimited:\ 37 :priority=0:\ 38 :ignoretime@:\ 39 :umask=022: 40 41 42# 43# A collection of common class names - forward them all to 'default' 44# (login would normally do this anyway, but having a class name 45# here suppresses the diagnostic) 46# 47standard:\ 48 :tc=default: 49xuser:\ 50 :tc=default: 51staff:\ 52 :tc=default: 53daemon:\ 54 :tc=default: 55news:\ 56 :tc=default: 57dialer:\ 58 :tc=default: 59 60# 61# Root can always login 62# 63# N.B. login_getpwclass(3) will use this entry for the root account, 64# in preference to 'default'. 65root:\ 66 :ignorenologin:\ 67 :tc=default: 68 69# 70# Russian Users Accounts. Setup proper environment variables. 71# 72russian:Russian Users Accounts:\ 73 :charset=KOI8-R:\ 74 :lang=ru_RU.KOI8-R:\ 75 :tc=default: 76 77 78###################################################################### 79###################################################################### 80## 81## Example entries 82## 83###################################################################### 84###################################################################### 85 86## Authentication methods 87## Note that these are disabled by default, and libutil must 88## be rebuilt with LOGIN_CAP_AUTH defined to use them. 89# 90#auth-defaults:\ 91# :auth=krb_skey_or_passwd,passwd,kerberos,skey: 92# 93#auth-root-defaults:\ 94# :auth-login=krb_skey_or_passwd,passwd,kerberos,skey:\ 95# :auth-rlogin=krb_or_skey,kerberos,skey: 96# 97#auth-ftp-defaults:\ 98# :auth=skey_or_pwd,passwd,skey: 99# 100# 101## Example defaults 102## These settings are used by login(1) by default for classless users 103## Note that entries like "cputime" set both "cputime-cur" and "cputime-max" 104# 105#default:\ 106# :cputime=infinity:\ 107# :datasize-cur=22M:\ 108# :stacksize-cur=8M:\ 109# :memorylocked-cur=10M:\ 110# :memoryuse-cur=30M:\ 111# :filesize=infinity:\ 112# :coredumpsize=infinity:\ 113# :maxproc-cur=64:\ 114# :openfiles-cur=64:\ 115# :priority=0:\ 116# :requirehome@:\ 117# :umask=022:\ 118# :tc=auth-defaults: 119# 120# 121## 122## standard - standard user defaults 123## 124#standard:\ 125# :copyright=/etc/COPYRIGHT:\ 126# :welcome=/etc/motd:\ 127# :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ 128# :path=~/bin /bin /usr/bin /usr/local/bin:\ 129# :manpath=/usr/share/man /usr/local/man:\ 130# :nologin=/var/run/nologin:\ 131# :cputime=1h30m:\ 132# :datasize=8M:\ 133# :stacksize=2M:\ 134# :memorylocked=4M:\ 135# :memoryuse=8M:\ 136# :filesize=8M:\ 137# :coredumpsize=8M:\ 138# :openfiles=24:\ 139# :maxproc=32:\ 140# :priority=0:\ 141# :requirehome:\ 142# :passwordtime=90d:\ 143# :umask=002:\ 144# :ignoretime@:\ 145# :tc=default: 146# 147# 148## 149## users of X (needs more resources!) 150## 151#xuser:\ 152# :manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\ 153# :cputime=4h:\ 154# :datasize=12M:\ 155# :stacksize=4M:\ 156# :filesize=8M:\ 157# :memoryuse=16M:\ 158# :openfiles=32:\ 159# :maxproc=48:\ 160# :tc=standard: 161# 162# 163## 164## Staff users - few restrictions and allow login anytime 165## 166#staff:\ 167# :ignorenologin:\ 168# :ignoretime:\ 169# :requirehome@:\ 170# :accounted@:\ 171# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ 172# :umask=022:\ 173# :tc=standard: 174# 175# 176## 177## root - fallback for root logins 178## 179#root:\ 180# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ 181# :cputime=infinity:\ 182# :datasize=infinity:\ 183# :stacksize=infinity:\ 184# :memorylocked=infinity:\ 185# :memoryuse=infinity:\ 186# :filesize=infinity:\ 187# :coredumpsize=infinity:\ 188# :openfiles=infinity:\ 189# :maxproc=infinity:\ 190# :memoryuse-cur=32M:\ 191# :maxproc-cur=64:\ 192# :openfiles-cur=1024:\ 193# :priority=0:\ 194# :requirehome@:\ 195# :umask=022:\ 196# :tc=auth-root-defaults: 197# 198# 199## 200## Settings used by /etc/rc 201## 202#daemon:\ 203# :coredumpsize@:\ 204# :coredumpsize-cur=0:\ 205# :datasize=infinity:\ 206# :datasize-cur@:\ 207# :maxproc=512:\ 208# :maxproc-cur@:\ 209# :memoryuse-cur=64M:\ 210# :memorylocked-cur=64M:\ 211# :openfiles=1024:\ 212# :openfiles-cur@:\ 213# :stacksize=16M:\ 214# :stacksize-cur@:\ 215# :tc=default: 216# 217# 218## 219## Settings used by news subsystem 220## 221#news:\ 222# :path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ 223# :cputime=infinity:\ 224# :filesize=128M:\ 225# :datasize-cur=64M:\ 226# :stacksize-cur=32M:\ 227# :coredumpsize-cur=0:\ 228# :maxmemorysize-cur=128M:\ 229# :memorylocked=32M:\ 230# :maxproc=128:\ 231# :openfiles=256:\ 232# :tc=default: 233# 234# 235## 236## The dialer class should be used for a dialup PPP/SLIP accounts 237## Welcome messages/news suppressed 238## 239#dialer:\ 240# :hushlogin:\ 241# :requirehome@:\ 242# :cputime=unlimited:\ 243# :filesize=2M:\ 244# :datasize=2M:\ 245# :stacksize=4M:\ 246# :coredumpsize=0:\ 247# :memoryuse=4M:\ 248# :memorylocked=1M:\ 249# :maxproc=16:\ 250# :openfiles=32:\ 251# :tc=standard: 252# 253# 254## 255## Site full-time 24/7 PPP/SLIP connections 256## - no time accounting, restricted to access via dialin lines 257## 258#site:\ 259# :ignoretime:\ 260# :passwordtime@:\ 261# :refreshtime@:\ 262# :refreshperiod@:\ 263# :sessionlimit@:\ 264# :autodelete@:\ 265# :expireperiod@:\ 266# :graceexpire@:\ 267# :gracetime@:\ 268# :warnexpire@:\ 269# :warnpassword@:\ 270# :idletime@:\ 271# :sessiontime@:\ 272# :daytime@:\ 273# :weektime@:\ 274# :monthtime@:\ 275# :warntime@:\ 276# :accounted@:\ 277# :tc=dialer:\ 278# :tc=staff: 279# 280# 281## 282## Example standard accounting entries for subscriber levels 283## 284# 285#subscriber|Subscribers:\ 286# :accounted:\ 287# :refreshtime=180d:\ 288# :refreshperiod@:\ 289# :sessionlimit@:\ 290# :autodelete=30d:\ 291# :expireperiod=180d:\ 292# :graceexpire=7d:\ 293# :gracetime=10m:\ 294# :warnexpire=7d:\ 295# :warnpassword=7d:\ 296# :idletime=30m:\ 297# :sessiontime=4h:\ 298# :daytime=6h:\ 299# :weektime=40h:\ 300# :monthtime=120h:\ 301# :warntime=4h:\ 302# :tc=standard: 303# 304# 305## 306## Subscriber accounts. These accounts have their login times 307## accounted and have access limits applied. 308## 309#subppp|PPP Subscriber Accounts:\ 310# :tc=dialer:\ 311# :tc=subscriber: 312# 313# 314#subslip|SLIP Subscriber Accounts:\ 315# :tc=dialer:\ 316# :tc=subscriber: 317# 318# 319#subshell:Shell Subscriber Accounts:\ 320# :tc=subscriber: 321# 322