version 1.1, 2014/01/23 09:30:23
|
version 1.2, 2014/09/15 19:06:46
|
Line 0
|
Line 1
|
|
# login.conf - login class capabilities database. |
|
# |
|
# Remember to rebuild the database after each change to this file: |
|
# |
|
# cap_mkdb /etc/login.conf |
|
# |
|
# This file controls resource limits, accounting limits and |
|
# default user environment settings. |
|
# |
|
# $FreeBSD: src/etc/login.conf,v 1.57 2012/11/17 01:49:01 svnexp Exp $ |
|
# |
|
|
|
# Default settings effectively disable resource limits, see the |
|
# examples below for a starting point to enable them. |
|
|
|
# defaults |
|
# These settings are used by login(1) by default for classless users |
|
# Note that entries like "cputime" set both "cputime-cur" and "cputime-max" |
|
# |
|
# Note that since a colon ':' is used to separate capability entries, |
|
# a \c escape sequence must be used to embed a literal colon in the |
|
# value or name of a capability (see the ``CGETNUM AND CGETSTR SYNTAX |
|
# AND SEMANTICS'' section of getcap(3) for more escape sequences). |
|
|
|
default:\ |
|
:passwd_format=sha512:\ |
|
:copyright=/etc/COPYRIGHT:\ |
|
:welcome=/etc/motd:\ |
|
:setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ |
|
:path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin ~/bin:\ |
|
:nologin=/var/run/nologin:\ |
|
:cputime=unlimited:\ |
|
:datasize=unlimited:\ |
|
:stacksize=unlimited:\ |
|
:memorylocked=unlimited:\ |
|
:memoryuse=unlimited:\ |
|
:filesize=unlimited:\ |
|
:coredumpsize=unlimited:\ |
|
:openfiles=unlimited:\ |
|
:maxproc=unlimited:\ |
|
:sbsize=unlimited:\ |
|
:vmemoryuse=unlimited:\ |
|
:swapuse=unlimited:\ |
|
:pseudoterminals=unlimited:\ |
|
:priority=0:\ |
|
:ignoretime@:\ |
|
:umask=022: |
|
|
|
|
|
# |
|
# A collection of common class names - forward them all to 'default' |
|
# (login would normally do this anyway, but having a class name |
|
# here suppresses the diagnostic) |
|
# |
|
standard:\ |
|
:tc=default: |
|
xuser:\ |
|
:tc=default: |
|
staff:\ |
|
:tc=default: |
|
daemon:\ |
|
:tc=default: |
|
news:\ |
|
:tc=default: |
|
dialer:\ |
|
:tc=default: |
|
|
|
# |
|
# Root can always login |
|
# |
|
# N.B. login_getpwclass(3) will use this entry for the root account, |
|
# in preference to 'default'. |
|
root:\ |
|
:ignorenologin:\ |
|
:tc=default: |
|
|
|
# |
|
# Russian Users Accounts. Setup proper environment variables. |
|
# |
|
russian|Russian Users Accounts:\ |
|
:charset=KOI8-R:\ |
|
:lang=ru_RU.KOI8-R:\ |
|
:tc=default: |
|
|
|
|
|
###################################################################### |
|
###################################################################### |
|
## |
|
## Example entries |
|
## |
|
###################################################################### |
|
###################################################################### |
|
|
|
## Example defaults |
|
## These settings are used by login(1) by default for classless users |
|
## Note that entries like "cputime" set both "cputime-cur" and "cputime-max" |
|
# |
|
#default:\ |
|
# :cputime=infinity:\ |
|
# :datasize-cur=22M:\ |
|
# :stacksize-cur=8M:\ |
|
# :memorylocked-cur=10M:\ |
|
# :memoryuse-cur=30M:\ |
|
# :filesize=infinity:\ |
|
# :coredumpsize=infinity:\ |
|
# :maxproc-cur=64:\ |
|
# :openfiles-cur=64:\ |
|
# :priority=0:\ |
|
# :requirehome@:\ |
|
# :umask=022:\ |
|
# :tc=auth-defaults: |
|
# |
|
# |
|
## |
|
## standard - standard user defaults |
|
## |
|
#standard:\ |
|
# :copyright=/etc/COPYRIGHT:\ |
|
# :welcome=/etc/motd:\ |
|
# :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ |
|
# :path=~/bin /bin /usr/bin /usr/local/bin:\ |
|
# :manpath=/usr/share/man /usr/local/man:\ |
|
# :nologin=/var/run/nologin:\ |
|
# :cputime=1h30m:\ |
|
# :datasize=8M:\ |
|
# :vmemoryuse=100M:\ |
|
# :stacksize=2M:\ |
|
# :memorylocked=4M:\ |
|
# :memoryuse=8M:\ |
|
# :filesize=8M:\ |
|
# :coredumpsize=8M:\ |
|
# :openfiles=24:\ |
|
# :maxproc=32:\ |
|
# :priority=0:\ |
|
# :requirehome:\ |
|
# :passwordtime=90d:\ |
|
# :umask=002:\ |
|
# :ignoretime@:\ |
|
# :tc=default: |
|
# |
|
# |
|
## |
|
## users of X (needs more resources!) |
|
## |
|
#xuser:\ |
|
# :manpath=/usr/share/man /usr/local/man:\ |
|
# :cputime=4h:\ |
|
# :datasize=12M:\ |
|
# :vmemoryuse=infinity:\ |
|
# :stacksize=4M:\ |
|
# :filesize=8M:\ |
|
# :memoryuse=16M:\ |
|
# :openfiles=32:\ |
|
# :maxproc=48:\ |
|
# :tc=standard: |
|
# |
|
# |
|
## |
|
## Staff users - few restrictions and allow login anytime |
|
## |
|
#staff:\ |
|
# :ignorenologin:\ |
|
# :ignoretime:\ |
|
# :requirehome@:\ |
|
# :accounted@:\ |
|
# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ |
|
# :umask=022:\ |
|
# :tc=standard: |
|
# |
|
# |
|
## |
|
## root - fallback for root logins |
|
## |
|
#root:\ |
|
# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ |
|
# :cputime=infinity:\ |
|
# :datasize=infinity:\ |
|
# :stacksize=infinity:\ |
|
# :memorylocked=infinity:\ |
|
# :memoryuse=infinity:\ |
|
# :filesize=infinity:\ |
|
# :coredumpsize=infinity:\ |
|
# :openfiles=infinity:\ |
|
# :maxproc=infinity:\ |
|
# :memoryuse-cur=32M:\ |
|
# :maxproc-cur=64:\ |
|
# :openfiles-cur=1024:\ |
|
# :priority=0:\ |
|
# :requirehome@:\ |
|
# :umask=022:\ |
|
# :tc=auth-root-defaults: |
|
# |
|
# |
|
## |
|
## Settings used by /etc/rc |
|
## |
|
#daemon:\ |
|
# :coredumpsize@:\ |
|
# :coredumpsize-cur=0:\ |
|
# :datasize=infinity:\ |
|
# :datasize-cur@:\ |
|
# :maxproc=512:\ |
|
# :maxproc-cur@:\ |
|
# :memoryuse-cur=64M:\ |
|
# :memorylocked-cur=64M:\ |
|
# :openfiles=1024:\ |
|
# :openfiles-cur@:\ |
|
# :stacksize=16M:\ |
|
# :stacksize-cur@:\ |
|
# :tc=default: |
|
# |
|
# |
|
## |
|
## Settings used by news subsystem |
|
## |
|
#news:\ |
|
# :path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ |
|
# :cputime=infinity:\ |
|
# :filesize=128M:\ |
|
# :datasize-cur=64M:\ |
|
# :stacksize-cur=32M:\ |
|
# :coredumpsize-cur=0:\ |
|
# :maxmemorysize-cur=128M:\ |
|
# :memorylocked=32M:\ |
|
# :maxproc=128:\ |
|
# :openfiles=256:\ |
|
# :tc=default: |
|
# |
|
# |
|
## |
|
## The dialer class should be used for a dialup PPP account |
|
## Welcome messages/news suppressed |
|
## |
|
#dialer:\ |
|
# :hushlogin:\ |
|
# :requirehome@:\ |
|
# :cputime=unlimited:\ |
|
# :filesize=2M:\ |
|
# :datasize=2M:\ |
|
# :stacksize=4M:\ |
|
# :coredumpsize=0:\ |
|
# :memoryuse=4M:\ |
|
# :memorylocked=1M:\ |
|
# :maxproc=16:\ |
|
# :openfiles=32:\ |
|
# :tc=standard: |
|
# |
|
# |
|
## |
|
## Site full-time 24/7 PPP connection |
|
## - no time accounting, restricted to access via dialin lines |
|
## |
|
#site:\ |
|
# :ignoretime:\ |
|
# :passwordtime@:\ |
|
# :refreshtime@:\ |
|
# :refreshperiod@:\ |
|
# :sessionlimit@:\ |
|
# :autodelete@:\ |
|
# :expireperiod@:\ |
|
# :graceexpire@:\ |
|
# :gracetime@:\ |
|
# :warnexpire@:\ |
|
# :warnpassword@:\ |
|
# :idletime@:\ |
|
# :sessiontime@:\ |
|
# :daytime@:\ |
|
# :weektime@:\ |
|
# :monthtime@:\ |
|
# :warntime@:\ |
|
# :accounted@:\ |
|
# :tc=dialer:\ |
|
# :tc=staff: |
|
# |
|
# |
|
## |
|
## Example standard accounting entries for subscriber levels |
|
## |
|
# |
|
#subscriber|Subscribers:\ |
|
# :accounted:\ |
|
# :refreshtime=180d:\ |
|
# :refreshperiod@:\ |
|
# :sessionlimit@:\ |
|
# :autodelete=30d:\ |
|
# :expireperiod=180d:\ |
|
# :graceexpire=7d:\ |
|
# :gracetime=10m:\ |
|
# :warnexpire=7d:\ |
|
# :warnpassword=7d:\ |
|
# :idletime=30m:\ |
|
# :sessiontime=4h:\ |
|
# :daytime=6h:\ |
|
# :weektime=40h:\ |
|
# :monthtime=120h:\ |
|
# :warntime=4h:\ |
|
# :tc=standard: |
|
# |
|
# |
|
## |
|
## Subscriber accounts. These accounts have their login times |
|
## accounted and have access limits applied. |
|
## |
|
#subppp|PPP Subscriber Accounts:\ |
|
# :tc=dialer:\ |
|
# :tc=subscriber: |
|
# |
|
# |
|
#subshell|Shell Subscriber Accounts:\ |
|
# :tc=subscriber: |
|
# |
|
## |
|
## If you want some of the accounts to use traditional UNIX DES based |
|
## password hashes. |
|
## |
|
#des_users:\ |
|
# :passwd_format=des:\ |
|
# :tc=default: |
|
authpf:\ |
|
:welcome=/etc/motd.authpf:shell=/usr/sbin/authpf:\ |
|
:tc=default: |
|
# ELWIX - Initial setup class |
|
initial:\ |
|
:welcome=/etc/motd.initial:shell=/etc/rc.initial:\ |
|
:tc=default: |