d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f0f8a1af01
freebsd-dev/etc/login.conf

323 lines
6.6 KiB
Plaintext
Raw Normal View History

o Improve the comment concerning rebuilding the database using cap_mkdb -- it's not a speed thing, it's a correctness thing :-) o Reorder the path slightly to be more consistent Reviewed by: jhb
2000-03-26 05:41:10 +00:00
# login.conf - login class capabilities database.
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
#
o Improve the comment concerning rebuilding the database using cap_mkdb -- it's not a speed thing, it's a correctness thing :-) o Reorder the path slightly to be more consistent Reviewed by: jhb
2000-03-26 05:41:10 +00:00
# Remember to rebuild the database after each change to this file:
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
#
o Improve the comment concerning rebuilding the database using cap_mkdb -- it's not a speed thing, it's a correctness thing :-) o Reorder the path slightly to be more consistent Reviewed by: jhb
2000-03-26 05:41:10 +00:00
# cap_mkdb /etc/login.conf
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
#
# This file controls resource limits, accounting limits and
# default user environment settings.
#
$Id$ -> $FreeBSD$
1999-08-27 23:37:10 +00:00
# $FreeBSD$
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
#
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
# Default settings effectively disable resource limits, see the
# examples below for a starting point to enable them.
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
Slightly clarify wording of "Example".
1998-12-29 22:17:31 +00:00
# defaults
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
# These settings are used by login(1) by default for classless users
# Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
Add a short description of how a literal colon ':' can be inlined in the value of capability databases, since it's not really obvious how a colon can be escaped, and a pointer to the getcap(3) manpage for more details. Triggered by: a question by Ceri on -questions
2005-08-31 15:02:11 +00:00
#
# Note that since a colon ':' is used to separate capability entries,
# a \c escape sequence must be used to embed a literal colon in the
# value or name of a capability (see the ``CGETNUM AND CGETSTR SYNTAX
# AND SEMANTICS'' section of getcap(3) for more escape sequences).
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
default:\
Switch the default password hash from md5 to sha512. MFC after: 1 week
2012-06-19 14:46:18 +00:00
:passwd_format=sha512:\
o Back out 1.39, it was a bad idea. There was, and should be, a distinction between the OS copyright message and the message displayed gratuitously to each user at login. Because, well, they may be different, among other things, and boy can a copyright message each login consume some screen space. If people really want to do this, they can copy /COPYRIGHT to /etc/COPYRIGHT. Submitted by: Anders Andersson <anders@codefactory.se>
2000-12-19 14:12:46 +00:00
:copyright=/etc/COPYRIGHT:\
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
:welcome=/etc/motd:\
Stop enforcing LC_COLLATE to C unicode collation is now supported
2015-11-07 12:50:20 +00:00
:setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\
Step 1 of eliminating the "games" distribution: Move binaries to /usr/bin; update paths; and include everything in the "base" distribution. The "games" distribution being optional made sense when there were more games and we had small disks; but the "games-like" games were moved into the ports tree a dozen years ago and the remaining "utility-like" games occupy less than 0.001% of my laptop's small hard drive. Meanwhile every new user is confronted by the question "do you want games installed" when they they try to install FreeBSD. The next steps will be: 2. Removing punch card (bcd, ppt), phase-of-moon (pom), clock (grdc), and caesar cipher (caesar, rot13) utilities. I intend to keep fortune, factor, morse, number, primes, and random, since there is evidence that those are still being used. 3. Merging src/games into src/usr.bin. This change will not be MFCed. Reviewed by: jmg Discussed at: EuroBSDCon Approved by: gjb (release-affecting changes)
2015-02-12 05:35:00 +00:00
:path=/sbin /bin /usr/sbin /usr/bin /usr/local/sbin /usr/local/bin ~/bin:\
Move nologin from /etc to /var/run. This means one less file that has to be written to /etc. The only essential change is in paths.h, so any third-party software written correctly will pick it up in the next rebuild. Reviewed by: the committers list (actually an old version)
1999-01-11 09:07:42 +00:00
:nologin=/var/run/nologin:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
:cputime=unlimited:\
:datasize=unlimited:\
:stacksize=unlimited:\
- Set memorylocked limit to 64Kb for default login class. This prevents unprivileged users to lock too much memory. - Set memorylocked limit to 64Mb for daemon login class. Some daemons such as amd(8) and watchdogd(8) calls mlockall(2) on startup, they are run from init(8) which uses daemon login class. - Set memorylocked limit to unlimited for root login class. Suggested by: avg Approved by: kib (mentor) MFC after: 1 week
2012-12-18 07:27:50 +00:00
:memorylocked=64K:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
:memoryuse=unlimited:\
:filesize=unlimited:\
:coredumpsize=unlimited:\
:openfiles=unlimited:\
:maxproc=unlimited:\
document sbsize limit.
2000-06-02 20:51:05 +00:00
:sbsize=unlimited:\
add default vmemoryuse (unlimited), and samples
2002-06-26 04:04:37 +00:00
:vmemoryuse=unlimited:\
Usermode portion of the support for swap allocation accounting: - update for getrlimit(2) manpage; - support for setting RLIMIT_SWAP in login class; - addition to the limits(1) and sh and csh limit-setting builtins; - tuning(7) documentation on the sysctls controlling overcommit. In collaboration with: pho Reviewed by: alc Approved by: re (kensmith)
2009-06-23 20:57:27 +00:00
:swapuse=unlimited:\
Integrate the new MPSAFE TTY layer to the FreeBSD operating system. The last half year I've been working on a replacement TTY layer for the FreeBSD kernel. The new TTY layer was designed to improve the following: - Improved driver model: The old TTY layer has a driver model that is not abstract enough to make it friendly to use. A good example is the output path, where the device drivers directly access the output buffers. This means that an in-kernel PPP implementation must always convert network buffers into TTY buffers. If a PPP implementation would be built on top of the new TTY layer (still needs a hooks layer, though), it would allow the PPP implementation to directly hand the data to the TTY driver. - Improved hotplugging: With the old TTY layer, it isn't entirely safe to destroy TTY's from the system. This implementation has a two-step destructing design, where the driver first abandons the TTY. After all threads have left the TTY, the TTY layer calls a routine in the driver, which can be used to free resources (unit numbers, etc). The pts(4) driver also implements this feature, which means posix_openpt() will now return PTY's that are created on the fly. - Improved performance: One of the major improvements is the per-TTY mutex, which is expected to improve scalability when compared to the old Giant locking. Another change is the unbuffered copying to userspace, which is both used on TTY device nodes and PTY masters. Upgrading should be quite straightforward. Unlike previous versions, existing kernel configuration files do not need to be changed, except when they reference device drivers that are listed in UPDATING. Obtained from: //depot/projects/mpsafetty/... Approved by: philip (ex-mentor) Discussed: on the lists, at BSDCan, at the DevSummit Sponsored by: Snow B.V., the Netherlands dcons(4) fixed by: kan
2008-08-20 08:31:58 +00:00
:pseudoterminals=unlimited:\
Add a resource limit for the total number of kqueues available to the user. Kqueue now saves the ucred of the allocating thread, to correctly decrement the counter on close. Under some specific and not real-world use scenario for kqueue, it is possible for the kqueues to consume memory proportional to the square of the number of the filedescriptors available to the process. Limit allows administrator to prevent the abuse. This is kernel-mode side of the change, with the user-mode enabling commit following. Reported and tested by: pho Discussed with: jmg Sponsored by: The FreeBSD Foundation MFC after: 2 weeks
2013-10-21 16:46:12 +00:00
:kqueues=unlimited:\
Fix handling of umtxp resource limit in sh(1)/ulimit(1), limits(1), add login.conf(5) support. Reviewed by: jilles Sponsored by: The FreeBSD Foundation Differential revision: https://reviews.freebsd.org/D5610
2016-03-12 14:54:34 +00:00
:umtxp=unlimited:\
Added 'xuser' class entry point for X users (who need more resources). Increased default procs/file handles so that man will work in more situations. Other suggestions welcome, btw.
1997-01-11 16:08:53 +00:00
:priority=0:\
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
:ignoretime@:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
:umask=022:
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
Made more reasonable as a set of defaults. Remove cruft, fix a couple of errors and eliminate cap_mkdb errors. Closes PR misc/2551.
1997-01-22 03:33:55 +00:00
Added 'xuser' class entry point for X users (who need more resources). Increased default procs/file handles so that man will work in more situations. Other suggestions welcome, btw.
1997-01-11 16:08:53 +00:00
#
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
# A collection of common class names - forward them all to 'default'
# (login would normally do this anyway, but having a class name
# here suppresses the diagnostic)
Added 'xuser' class entry point for X users (who need more resources). Increased default procs/file handles so that man will work in more situations. Other suggestions welcome, btw.
1997-01-11 16:08:53 +00:00
#
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
standard:\
:tc=default:
Added 'xuser' class entry point for X users (who need more resources). Increased default procs/file handles so that man will work in more situations. Other suggestions welcome, btw.
1997-01-11 16:08:53 +00:00
xuser:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
:tc=default:
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
staff:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
:tc=default:
daemon:\
Increase the "memorylocked" limit for the "daemon" class. amd(8) requires more than the 64MB that is currently available to it so bump it up to 128MB. Reviewed by: kib Discussed with: avg, kib, zont
2013-01-27 21:55:01 +00:00
:memorylocked=128M:\
Fix typo: s/;/:/ PR: conf/7964 PR: conf/7966 Submitted by: Zach Heilig <zach@gaffaneys.com> Submitted by: Jos Backus <Jos.Backus@nl.origin-it.com>
1998-09-17 17:02:39 +00:00
:tc=default:
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
news:\
:tc=default:
dialer:\
:tc=default:
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
#
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
# Root can always login
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
#
Be a little clearer about login_getpwclass(3), and its penchant for looking up a record called "root". PR: docs/12377 Submitted by: Adrian Filipi-Martin <adrian@ubergeeks.com>
1999-07-14 22:36:10 +00:00
# N.B. login_getpwclass(3) will use this entry for the root account,
# in preference to 'default'.
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
root:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
:ignorenologin:\
- Set memorylocked limit to 64Kb for default login class. This prevents unprivileged users to lock too much memory. - Set memorylocked limit to 64Mb for daemon login class. Some daemons such as amd(8) and watchdogd(8) calls mlockall(2) on startup, they are run from init(8) which uses daemon login class. - Set memorylocked limit to unlimited for root login class. Suggested by: avg Approved by: kib (mentor) MFC after: 1 week
2012-12-18 07:27:50 +00:00
:memorylocked=unlimited:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
:tc=default:
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
#
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
# Russian Users Accounts. Setup proper environment variables.
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
#
When having an expanded name for a class, use '|' instead if ':' to seperate the short name and the long name. This was present for most but not all entries. Because the parsing doesn't reject unrecognized entries, this didn't cause failures, but it wasn't strictly correct. Submitted by: Martin Faxer <gmh003532@brfmasthugget.se> MFC after: 2 weeks
2002-03-01 15:30:24 +00:00
russian|Russian Users Accounts:\
Switch russian login class to UTF-8 Reviewed by: glebius Approved by: glebius Differential Revision: D2129
2015-04-06 01:32:26 +00:00
:charset=UTF-8:\
:lang=ru_RU.UTF-8:\
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
:tc=default:
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
######################################################################
######################################################################
##
## Example entries
Removed whitespace at BOF, EOL & EOF.
2004-06-06 11:46:29 +00:00
##
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
######################################################################
######################################################################
## Example defaults
## These settings are used by login(1) by default for classless users
## Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
#
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
#default:\
# :cputime=infinity:\
# :datasize-cur=22M:\
# :stacksize-cur=8M:\
# :memorylocked-cur=10M:\
# :memoryuse-cur=30M:\
# :filesize=infinity:\
# :coredumpsize=infinity:\
# :maxproc-cur=64:\
# :openfiles-cur=64:\
# :priority=0:\
# :requirehome@:\
# :umask=022:\
# :tc=auth-defaults:
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
#
#
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
##
## standard - standard user defaults
##
#standard:\
o Back out 1.39, it was a bad idea. There was, and should be, a distinction between the OS copyright message and the message displayed gratuitously to each user at login. Because, well, they may be different, among other things, and boy can a copyright message each login consume some screen space. If people really want to do this, they can copy /COPYRIGHT to /etc/COPYRIGHT. Submitted by: Anders Andersson <anders@codefactory.se>
2000-12-19 14:12:46 +00:00
# :copyright=/etc/COPYRIGHT:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
# :welcome=/etc/motd:\
Ripped out EDITOR=ee with extreme prejudice.
1999-01-26 07:28:31 +00:00
# :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
# :path=~/bin /bin /usr/bin /usr/local/bin:\
# :manpath=/usr/share/man /usr/local/man:\
Oops, I missed a few more /etc/nologin references yesterday. It appears my check of the tree was incomplete. Sorry guys. Reported by: Ben Smithurst <ben@scientia.demon.co.uk>
1999-01-12 14:09:23 +00:00
# :nologin=/var/run/nologin:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
# :cputime=1h30m:\
# :datasize=8M:\
add default vmemoryuse (unlimited), and samples
2002-06-26 04:04:37 +00:00
# :vmemoryuse=100M:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
# :stacksize=2M:\
# :memorylocked=4M:\
# :memoryuse=8M:\
# :filesize=8M:\
# :coredumpsize=8M:\
# :openfiles=24:\
# :maxproc=32:\
# :priority=0:\
# :requirehome:\
Change references from "passwordperiod" to "passwordtime", since "passwordtime" is what passwd(1) has actually been using. I suspect passwordperiod was the original intent. I can't figure-out which, if either, BSDi uses. If anyone knows...
1999-04-30 18:19:46 +00:00
# :passwordtime=90d:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
# :umask=002:\
# :ignoretime@:\
# :tc=default:
Adds a template/example login.conf, login class capabilities database.
1997-01-11 06:47:56 +00:00
#
Add 'russian' users class
1997-05-01 21:25:34 +00:00
#
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
##
## users of X (needs more resources!)
##
#xuser:\
Remove more vestiges of /usr/X11R6, but leave mtree for portmgr.
2007-05-29 06:37:58 +00:00
# :manpath=/usr/share/man /usr/local/man:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
# :cputime=4h:\
# :datasize=12M:\
add default vmemoryuse (unlimited), and samples
2002-06-26 04:04:37 +00:00
# :vmemoryuse=infinity:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
# :stacksize=4M:\
# :filesize=8M:\
# :memoryuse=16M:\
# :openfiles=32:\
# :maxproc=48:\
# :tc=standard:
Add 'russian' users class
1997-05-01 21:25:34 +00:00
#
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
#
##
## Staff users - few restrictions and allow login anytime
##
#staff:\
# :ignorenologin:\
# :ignoretime:\
# :requirehome@:\
# :accounted@:\
# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
# :umask=022:\
# :tc=standard:
#
#
##
## root - fallback for root logins
##
#root:\
# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
# :cputime=infinity:\
# :datasize=infinity:\
# :stacksize=infinity:\
# :memorylocked=infinity:\
# :memoryuse=infinity:\
# :filesize=infinity:\
# :coredumpsize=infinity:\
# :openfiles=infinity:\
# :maxproc=infinity:\
# :memoryuse-cur=32M:\
# :maxproc-cur=64:\
# :openfiles-cur=1024:\
# :priority=0:\
# :requirehome@:\
# :umask=022:\
# :tc=auth-root-defaults:
#
#
##
## Settings used by /etc/rc
##
#daemon:\
# :coredumpsize@:\
# :coredumpsize-cur=0:\
# :datasize=infinity:\
# :datasize-cur@:\
# :maxproc=512:\
# :maxproc-cur@:\
# :memoryuse-cur=64M:\
# :memorylocked-cur=64M:\
# :openfiles=1024:\
# :openfiles-cur@:\
# :stacksize=16M:\
# :stacksize-cur@:\
# :tc=default:
#
#
##
## Settings used by news subsystem
##
#news:\
# :path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
# :cputime=infinity:\
# :filesize=128M:\
# :datasize-cur=64M:\
# :stacksize-cur=32M:\
# :coredumpsize-cur=0:\
# :maxmemorysize-cur=128M:\
# :memorylocked=32M:\
# :maxproc=128:\
# :openfiles=256:\
# :tc=default:
#
#
##
Remove vestiges of 'slip'. PR: 145648 Submitted by: alexbestms at wwu dot de and spam at rm-rf dot kiev dot ua MFC after: 1 week
2010-06-19 09:21:34 +00:00
## The dialer class should be used for a dialup PPP account
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
## Welcome messages/news suppressed
##
#dialer:\
# :hushlogin:\
# :requirehome@:\
# :cputime=unlimited:\
# :filesize=2M:\
# :datasize=2M:\
# :stacksize=4M:\
# :coredumpsize=0:\
# :memoryuse=4M:\
# :memorylocked=1M:\
# :maxproc=16:\
# :openfiles=32:\
# :tc=standard:
#
#
##
Remove vestiges of 'slip'. PR: 145648 Submitted by: alexbestms at wwu dot de and spam at rm-rf dot kiev dot ua MFC after: 1 week
2010-06-19 09:21:34 +00:00
## Site full-time 24/7 PPP connection
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
## - no time accounting, restricted to access via dialin lines
##
#site:\
# :ignoretime:\
Change references from "passwordperiod" to "passwordtime", since "passwordtime" is what passwd(1) has actually been using. I suspect passwordperiod was the original intent. I can't figure-out which, if either, BSDi uses. If anyone knows...
1999-04-30 18:19:46 +00:00
# :passwordtime@:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
# :refreshtime@:\
# :refreshperiod@:\
# :sessionlimit@:\
# :autodelete@:\
# :expireperiod@:\
# :graceexpire@:\
# :gracetime@:\
# :warnexpire@:\
# :warnpassword@:\
# :idletime@:\
# :sessiontime@:\
# :daytime@:\
# :weektime@:\
# :monthtime@:\
# :warntime@:\
# :accounted@:\
# :tc=dialer:\
# :tc=staff:
#
#
##
## Example standard accounting entries for subscriber levels
##
#
#subscriber|Subscribers:\
# :accounted:\
# :refreshtime=180d:\
# :refreshperiod@:\
# :sessionlimit@:\
# :autodelete=30d:\
# :expireperiod=180d:\
# :graceexpire=7d:\
# :gracetime=10m:\
# :warnexpire=7d:\
# :warnpassword=7d:\
# :idletime=30m:\
# :sessiontime=4h:\
# :daytime=6h:\
# :weektime=40h:\
# :monthtime=120h:\
# :warntime=4h:\
# :tc=standard:
#
#
##
## Subscriber accounts. These accounts have their login times
## accounted and have access limits applied.
##
#subppp|PPP Subscriber Accounts:\
# :tc=dialer:\
# :tc=subscriber:
#
#
Fix typo. '|' looks a lot like 'l' in my xterm font.
2002-03-01 15:42:27 +00:00
#subshell|Shell Subscriber Accounts:\
Effectively disable resource limit setting by default, leaving the original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
1998-09-16 19:18:36 +00:00
# :tc=subscriber:
#
Add `password_format=md5' to the default settings. I've had this locally for a while, but a recent email to -stable suggests it should be spelled out as the documentation of "password_format" is sparse. Also add a `des_users' entry. Submitted by: Sean O'Connell <sean@stat.Duke.EDU>
2000-11-21 23:25:39 +00:00
##
## If you want some of the accounts to use traditional UNIX DES based
## password hashes.
##
#des_users:\
s/password_format/passwd_format/ PR: misc/30494 Submitted by: "brian j. peterson" <rbw@myplace.org>
2001-09-11 07:01:47 +00:00
# :passwd_format=des:\
Add `password_format=md5' to the default settings. I've had this locally for a while, but a recent email to -stable suggests it should be spelled out as the documentation of "password_format" is sparse. Also add a `des_users' entry. Submitted by: Sean O'Connell <sean@stat.Duke.EDU>
2000-11-21 23:25:39 +00:00
# :tc=default:
Reference in New Issue Copy Permalink