Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

- move the class explanation to the DESCRIPTION section, where it's more obvious

Browse Source 
- format capabilitities with .Sy
- provide an example entry
This commit is contained in:
lukem 2000-11-17 06:24:56 +00:00
parent d7c887d2da
commit 4b7aaa4b0f
1 changed files with 74 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

138
share/man/man5/login.conf.5
View File

@ -1,4 +1,4 @@
.\" $NetBSD: login.conf.5,v 1.7 2000/11/07 05:44:51 lukem Exp $
.\" $NetBSD: login.conf.5,v 1.8 2000/11/17 06:24:56 lukem Exp $
.\"
.\" Copyright (c) 1995,1996,1997 Berkeley Software Design, Inc.
.\" All rights reserved.
@ -33,7 +33,7 @@
.\"
.\" BSDI login.conf.5,v 2.19 1998/02/19 23:39:39 prb Exp
.\"
.Dd January 14, 2000
.Dd November 17, 2000
.Dt LOGIN.CONF 5
.Os
.Sh NAME
@ -53,40 +53,60 @@ program,
it is also used by other programs, e.g.,
.Xr rexecd 8 ,
which need to set up a user environment.
.Pp
The class to be used is normally determined by the
.Li class
field in the password file (see
.Xr passwd 5 ).
The class is used to look up a corresponding entry in the
.Pa login.conf
file.
A special class called
.Dq default
will be used (if it exists) if there is no other match.
.Sh CAPABILITIES
Refer to
.Xr getcap 3
for a description of the file layout.
An example entry is:
.Bd -literal -offset indent
classname|Description entry:\\
capability=value:\\
booleancapability:\\
\&.\&.\&.
lastcapability=value:
.Ed
.Pp
All entries in the
.Nm login.conf
file are either boolean or use a `=' to separate the capability
from the value.
The types are described after the capability table.
.Bl -column minpasswordlenxx programxx xusxbin
.Bl -column minpasswordlen program default
.Sy Name Type Default Description
.\"
.sp
.It copyright Ta file Ta "" Ta
.It Sy copyright Ta file Ta "" Ta
File containing additional copyright information.
.\"
.sp
.It coredumpsize Ta size Ta "" Ta
.It Sy coredumpsize Ta size Ta "" Ta
Maximum coredump size limit.
.\"
.sp
.It cputime Ta time Ta "" Ta
.It Sy cputime Ta time Ta "" Ta
CPU usage limit.
.\"
.sp
.It datasize Ta size Ta "" Ta
.It Sy datasize Ta size Ta "" Ta
Maximum data size limit.
.\"
.sp
.It filesize Ta size Ta "" Ta
.It Sy filesize Ta size Ta "" Ta
Maximum file size limit.
.\"
.sp
.It hushlogin Ta bool Ta Dv false Ta
.It Sy hushlogin Ta bool Ta Li false Ta
Same as having a
.Pa $HOME/.hushlogin
file.
@ -94,47 +114,48 @@ See
.Xr login 8 .
.\"
.sp
.It ignorenologin Ta bool Ta Dv false Ta
.It Sy ignorenologin Ta bool Ta Li false Ta
Not affected by
.Pa nologin
files.
.\"
.It login-retries Ta number Ta 10 Ta
.sp
.It Sy login-retries Ta number Ta 10 Ta
Maximum number of login attempts allowed.
.\"
.It login-backoff Ta number Ta 3 Ta
.It Sy login-backoff Ta number Ta 3 Ta
Number of login attempts after which to start random back-off.
.\"
.sp
.It maxproc Ta number Ta "" Ta
.It Sy maxproc Ta number Ta "" Ta
Maximum number of process.
.\"
.sp
.It memorylocked Ta size Ta "" Ta
.It Sy memorylocked Ta size Ta "" Ta
Maximum locked in core memory size limit.
.\"
.sp
.It memoryuse Ta size Ta "" Ta
.It Sy memoryuse Ta size Ta "" Ta
Maximum in core memoryuse size limit.
.\"
.sp
.It minpasswordlen Ta number Ta "" Ta
.It Sy minpasswordlen Ta number Ta "" Ta
The minimum length a local password may be.
Used by the
.Xr passwd 1
utility.
.\"
.sp
.It nologin Ta file Ta "" Ta
.It Sy nologin Ta file Ta "" Ta
If the file exists it will be displayed
and the login session will be terminated.
.\"
.sp
.It openfiles Ta number Ta "" Ta
.It Sy openfiles Ta number Ta "" Ta
Maximum number of open files per process.
.\"
.\"XX .sp
.\"XX .It password-dead Ta time Ta Dv 0 Ta
.\"XX .It Sy password-dead Ta time Ta Li 0 Ta
.\"XX Length of time a password may be expired but not quite dead yet.
.\"XX When set (for both the client and remote server machine when doing
.\"XX remote authentication), a user is allowed to log in just one more
@ -142,50 +163,50 @@ Maximum number of open files per process.
.\"XX a grace period for updating their password.
.\"
.sp
.It passwordtime Ta time Ta "" Ta
.It Sy passwordtime Ta time Ta "" Ta
Used by
.Xr passwd 1
to set next password expiry date.
.\"
.sp
.It password-warn Ta time Ta Dv 2w Ta
.It Sy password-warn Ta time Ta Li 2w Ta
If the user's password will expire within this length of time then
warn the user of this.
.\"
.sp
.It path Ta path Ta Dv "/bin /usr/bin" Ta
.It Sy path Ta path Ta Li "/bin /usr/bin" Ta
.br
Default search path.
.\"
.sp
.It priority Ta number Ta "" Ta
.It Sy priority Ta number Ta "" Ta
Initial priority (nice) level.
.\"
.sp
.It requirehome Ta bool Ta Dv false Ta
.It Sy requirehome Ta bool Ta Li false Ta
Require home directory to login.
.\"
.sp
.It setenv Ta list Ta "" Ta
.It Sy setenv Ta list Ta "" Ta
Comma separated list of environment variables and values to be set.
.\"
.sp
.It shell Ta program Ta "" Ta
.It Sy shell Ta program Ta "" Ta
Session shell to execute rather than the shell specified in the password file.
The
.Ev SHELL
environment variable will contain the shell specified in the password file.
.\"
.sp
.It stacksize Ta size Ta "" Ta
.It Sy stacksize Ta size Ta "" Ta
Maximum stack size limit.
.\"
.sp
.It term Ta string Ta Dv su Ta
.It Sy term Ta string Ta Li su Ta
Default terminal type if not able to determine from other means.
.\"
.sp
.It umask Ta number Ta Dv 022 Ta
.It Sy umask Ta number Ta Li 022 Ta
Initial umask.
Should always have a leading
.Li 0
@ -194,15 +215,15 @@ See
.Xr umask 2 .
.\"
.sp
.It welcome Ta file Ta Pa /etc/motd Ta
.It Sy welcome Ta file Ta Li /etc/motd Ta
File containing welcome message.
.El
.Pp
The resource limit entries
.No ( Ns Va cputime , filesize , datasize , stacksize , coredumpsize ,
.Va memoryuse , memorylocked , maxproc ,
.No ( Ns Sy cputime , filesize , datasize , stacksize , coredumpsize ,
.Sy memoryuse , memorylocked , maxproc ,
and
.Va openfiles )
.Sy openfiles )
actually specify both the maximum and current limits (see
.Xr getrlimit 2 ).
The current limit is the one normally used,
@ -210,13 +231,13 @@ although the user is permitted to increase the current limit to the
maximum limit.
The maximum and current limits may be specified individually by appending
a
.Va \-max
.Sq Sy \-max
or
.Va \-cur
.Sq Sy \-cur
to the capability name (e.g.,
.Va openfiles-max
.Sy openfiles-max
and
.Va openfiles-cur Ns No ).
.Sy openfiles-cur Ns No ).
.Pp
.Nx
will never define capabilities which start with
@ -229,13 +250,13 @@ software).
The argument types are defined as:
.Bl -tag -width programxx
.\"
.It file
.It Sy file
Path name to a text file.
.\"
.It list
.It Sy list
A comma separated list of values.
.\"
.It number
.It Sy number
A number. A leading
.Li 0x
implies the number is expressed in hexadecimal.
@ -244,21 +265,19 @@ A leading
implies the number is expressed in octal.
Any other number is treated as decimal.
.\"
.It path
.It Sy path
A space separated list of path names.
If a
.Li ~
.Sq Li ~
is the first character in the path name, the
.Li ~
.Sq Li ~
is expanded to the user's home directory.
.\"
.It program
.It Sy program
A path name to program.
.\"
.It size
A
.Va number
which expresses a size in bytes.
.It Sy size
A number which expresses a size in bytes.
It may have a trailing
.Li b
to multiply the value by 512, a
@ -267,7 +286,7 @@ to multiply the value by 1 K (1024), and a
.Li m
to multiply the value by 1 M (1048576).
.\"
.It time
.It Sy time
A time in seconds.
A time may be expressed as a series of numbers
which are added together.
@ -275,22 +294,22 @@ Each number may have a trailing character to
represent time units:
.Bl -tag -width xxx
.\"
.It y
.It Sy y
Indicates a number of 365 day years.
.\"
.It w
.It Sy w
Indicates a number of 7 day weeks.
.\"
.It d
.It Sy d
Indicates a number of 24 hour days.
.\"
.It h
.It Sy h
Indicates a number of 60 minute hours.
.\"
.It m
.It Sy m
Indicates a number of 60 second minutes.
.\"
.It s
.It Sy s
Indicates a number of seconds.
.El
.Pp
@ -299,15 +318,6 @@ could be used:
.Li 1h30m .
.El
.\"
.Pp
The class to be used is normally determined by the
.Li class
field in the password file (see
.Xr passwd 5 ).
.Pp
The class is used to look up a corresponding entry in the
.Pa login.conf
file.
.Sh FILES
.Bl -tag -width /etc/login.conf.db -compact
.It Pa /etc/login.conf