Effectively disable resource limit setting by default, leaving the
original contents of the file preserved as examples for administrators that need to enable them. Also add a comment to the examples pointing out that the authentication functionality is largely unused and requires rebuilding libutil. Reviewed by: jkh
This commit is contained in:
parent
b613c32dda
commit
a4b3203d07
503
etc/login.conf
503
etc/login.conf
@ -9,245 +9,62 @@
|
||||
# This file controls resource limits, accounting limits and
|
||||
# default user environment settings.
|
||||
#
|
||||
# $Id: login.conf,v 1.19 1997/12/03 01:12:48 ache Exp $
|
||||
# $Id: login.conf,v 1.20 1998/03/09 03:01:47 steve Exp $
|
||||
#
|
||||
|
||||
|
||||
# Authentication methods
|
||||
|
||||
auth-defaults:\
|
||||
:auth=krb_skey_or_passwd,passwd,kerberos,skey:
|
||||
|
||||
auth-root-defaults:\
|
||||
:auth-login=krb_skey_or_passwd,passwd,kerberos,skey:\
|
||||
:auth-rlogin=krb_or_skey,kerberos,skey:
|
||||
|
||||
auth-ftp-defaults:\
|
||||
:auth=skey_or_pwd,passwd,skey:
|
||||
|
||||
# Default settings effectively disable resource limits, see the
|
||||
# examples below for a starting point to enable them.
|
||||
|
||||
# Example defaults
|
||||
# These settings are used by login(1) by default for classless users
|
||||
# Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
|
||||
|
||||
default:\
|
||||
:cputime=infinity:\
|
||||
:datasize-cur=22M:\
|
||||
:stacksize-cur=8M:\
|
||||
:memorylocked-cur=10M:\
|
||||
:memoryuse-cur=30M:\
|
||||
:filesize=infinity:\
|
||||
:coredumpsize=infinity:\
|
||||
:maxproc-cur=64:\
|
||||
:openfiles-cur=64:\
|
||||
:priority=0:\
|
||||
:requirehome@:\
|
||||
:umask=022:\
|
||||
:tc=auth-defaults:
|
||||
|
||||
|
||||
#
|
||||
# standard - standard user defaults
|
||||
#
|
||||
standard:\
|
||||
:copyright=/etc/COPYRIGHT:\
|
||||
:welcome=/etc/motd:\
|
||||
:setenv=MAIL=/var/mail/$,BLOCKSIZE=K,EDITOR=/usr/bin/ee:\
|
||||
:path=~/bin /bin /usr/bin /usr/local/bin:\
|
||||
:manpath=/usr/share/man /usr/local/man:\
|
||||
:nologin=/etc/nologin:\
|
||||
:cputime=1h30m:\
|
||||
:datasize=8M:\
|
||||
:stacksize=2M:\
|
||||
:memorylocked=4M:\
|
||||
:memoryuse=8M:\
|
||||
:filesize=8M:\
|
||||
:coredumpsize=8M:\
|
||||
:openfiles=24:\
|
||||
:maxproc=32:\
|
||||
:cputime=unlimited:\
|
||||
:datasize=unlimited:\
|
||||
:stacksize=unlimited:\
|
||||
:memorylocked=unlimited:\
|
||||
:memoryuse=unlimited:\
|
||||
:filesize=unlimited:\
|
||||
:coredumpsize=unlimited:\
|
||||
:openfiles=unlimited:\
|
||||
:maxproc=unlimited:\
|
||||
:priority=0:\
|
||||
:requirehome:\
|
||||
:passwordperiod=90d:\
|
||||
:umask=002:\
|
||||
:ignoretime@:\
|
||||
:umask=022:
|
||||
|
||||
|
||||
#
|
||||
# A collection of common class names - forward them all to 'default'
|
||||
# (login would normally do this anyway, but having a class name
|
||||
# here suppresses the diagnostic)
|
||||
#
|
||||
standard:\
|
||||
:tc=default:
|
||||
xuser:\
|
||||
:tc=default:
|
||||
staff:\
|
||||
:tc=default:
|
||||
daemon:\
|
||||
:tc=default;
|
||||
news:\
|
||||
:tc=default:
|
||||
dialer:\
|
||||
:tc=default:
|
||||
|
||||
|
||||
#
|
||||
# users of X (needs more resources!)
|
||||
#
|
||||
xuser:\
|
||||
:manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\
|
||||
:cputime=4h:\
|
||||
:datasize=12M:\
|
||||
:stacksize=4M:\
|
||||
:filesize=8M:\
|
||||
:memoryuse=16M:\
|
||||
:openfiles=32:\
|
||||
:maxproc=48:\
|
||||
:tc=standard:
|
||||
|
||||
|
||||
#
|
||||
# Staff users - few restrictions and allow login anytime
|
||||
#
|
||||
staff:\
|
||||
:ignorenologin:\
|
||||
:ignoretime:\
|
||||
:requirehome@:\
|
||||
:accounted@:\
|
||||
:path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
|
||||
:umask=022:\
|
||||
:tc=standard:
|
||||
|
||||
|
||||
#
|
||||
# root - fallback for root logins
|
||||
# Root can always login
|
||||
#
|
||||
root:\
|
||||
:path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
|
||||
:cputime=infinity:\
|
||||
:datasize=infinity:\
|
||||
:stacksize=infinity:\
|
||||
:memorylocked=infinity:\
|
||||
:memoryuse=infinity:\
|
||||
:filesize=infinity:\
|
||||
:coredumpsize=infinity:\
|
||||
:openfiles=infinity:\
|
||||
:maxproc=infinity:\
|
||||
:memoryuse-cur=32M:\
|
||||
:maxproc-cur=64:\
|
||||
:openfiles-cur=1024:\
|
||||
:priority=0:\
|
||||
:requirehome@:\
|
||||
:umask=022:\
|
||||
:tc=auth-root-defaults:
|
||||
|
||||
|
||||
#
|
||||
# Settings used by /etc/rc
|
||||
#
|
||||
daemon:\
|
||||
:coredumpsize@:\
|
||||
:coredumpsize-cur=0:\
|
||||
:datasize=infinity:\
|
||||
:datasize-cur@:\
|
||||
:maxproc=512:\
|
||||
:maxproc-cur@:\
|
||||
:memoryuse-cur=64M:\
|
||||
:memorylocked-cur=64M:\
|
||||
:openfiles=1024:\
|
||||
:openfiles-cur@:\
|
||||
:stacksize=16M:\
|
||||
:stacksize-cur@:\
|
||||
:ignorenologin:\
|
||||
:tc=default:
|
||||
|
||||
|
||||
#
|
||||
# Settings used by news subsystem
|
||||
#
|
||||
news:\
|
||||
:path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
|
||||
:cputime=infinity:\
|
||||
:filesize=128M:\
|
||||
:datasize-cur=64M:\
|
||||
:stacksize-cur=32M:\
|
||||
:coredumpsize-cur=0:\
|
||||
:maxmemorysize-cur=128M:\
|
||||
:memorylocked=32M:\
|
||||
:maxproc=128:\
|
||||
:openfiles=256:\
|
||||
:tc=default:
|
||||
|
||||
|
||||
#
|
||||
# The dialer class should be used for a dialup PPP/SLIP accounts
|
||||
# Welcome messages/news suppressed
|
||||
#
|
||||
dialer:\
|
||||
:hushlogin:\
|
||||
:requirehome@:\
|
||||
:cputime=unlimited:\
|
||||
:filesize=2M:\
|
||||
:datasize=2M:\
|
||||
:stacksize=4M:\
|
||||
:coredumpsize=0:\
|
||||
:memoryuse=4M:\
|
||||
:memorylocked=1M:\
|
||||
:maxproc=16:\
|
||||
:openfiles=32:\
|
||||
:tc=standard:
|
||||
|
||||
|
||||
#
|
||||
# Site full-time 24/7 PPP/SLIP connections
|
||||
# - no time accounting, restricted to access via dialin lines
|
||||
#
|
||||
site:\
|
||||
:ignoretime:\
|
||||
:passwordperiod@:\
|
||||
:refreshtime@:\
|
||||
:refreshperiod@:\
|
||||
:sessionlimit@:\
|
||||
:autodelete@:\
|
||||
:expireperiod@:\
|
||||
:graceexpire@:\
|
||||
:gracetime@:\
|
||||
:warnexpire@:\
|
||||
:warnpassword@:\
|
||||
:idletime@:\
|
||||
:sessiontime@:\
|
||||
:daytime@:\
|
||||
:weektime@:\
|
||||
:monthtime@:\
|
||||
:warntime@:\
|
||||
:accounted@:\
|
||||
:tc=dialer:\
|
||||
:tc=staff:
|
||||
|
||||
|
||||
#
|
||||
# Example standard accounting entries for subscriber levels
|
||||
#
|
||||
|
||||
subscriber|Subscribers:\
|
||||
:accounted:\
|
||||
:refreshtime=180d:\
|
||||
:refreshperiod@:\
|
||||
:sessionlimit@:\
|
||||
:autodelete=30d:\
|
||||
:expireperiod=180d:\
|
||||
:graceexpire=7d:\
|
||||
:gracetime=10m:\
|
||||
:warnexpire=7d:\
|
||||
:warnpassword=7d:\
|
||||
:idletime=30m:\
|
||||
:sessiontime=4h:\
|
||||
:daytime=6h:\
|
||||
:weektime=40h:\
|
||||
:monthtime=120h:\
|
||||
:warntime=4h:\
|
||||
:tc=standard:
|
||||
|
||||
|
||||
#
|
||||
# Subscriber accounts. These accounts have their login times
|
||||
# accounted and have access limits applied.
|
||||
#
|
||||
subppp|PPP Subscriber Accounts:\
|
||||
:tc=dialer:\
|
||||
:tc=subscriber:
|
||||
|
||||
|
||||
subslip|SLIP Subscriber Accounts:\
|
||||
:tc=dialer:\
|
||||
:tc=subscriber:
|
||||
|
||||
|
||||
subshell:Shell Subscriber Accounts:\
|
||||
:tc=subscriber:
|
||||
|
||||
|
||||
#
|
||||
# Russian Users Accounts. Setup proper environment variables.
|
||||
#
|
||||
@ -255,3 +72,257 @@ russian:Russian Users Accounts:\
|
||||
:charset=KOI8-R:\
|
||||
:lang=ru_RU.KOI8-R:\
|
||||
:tc=default:
|
||||
|
||||
|
||||
######################################################################
|
||||
######################################################################
|
||||
##
|
||||
## Example entries
|
||||
##
|
||||
######################################################################
|
||||
######################################################################
|
||||
|
||||
## Authentication methods
|
||||
## Note that these are disabled by default, and libutil must
|
||||
## be rebuilt with LOGIN_CAP_AUTH defined to use them.
|
||||
#
|
||||
#auth-defaults:\
|
||||
# :auth=krb_skey_or_passwd,passwd,kerberos,skey:
|
||||
#
|
||||
#auth-root-defaults:\
|
||||
# :auth-login=krb_skey_or_passwd,passwd,kerberos,skey:\
|
||||
# :auth-rlogin=krb_or_skey,kerberos,skey:
|
||||
#
|
||||
#auth-ftp-defaults:\
|
||||
# :auth=skey_or_pwd,passwd,skey:
|
||||
#
|
||||
#
|
||||
## Example defaults
|
||||
## These settings are used by login(1) by default for classless users
|
||||
## Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
|
||||
#
|
||||
#default:\
|
||||
# :cputime=infinity:\
|
||||
# :datasize-cur=22M:\
|
||||
# :stacksize-cur=8M:\
|
||||
# :memorylocked-cur=10M:\
|
||||
# :memoryuse-cur=30M:\
|
||||
# :filesize=infinity:\
|
||||
# :coredumpsize=infinity:\
|
||||
# :maxproc-cur=64:\
|
||||
# :openfiles-cur=64:\
|
||||
# :priority=0:\
|
||||
# :requirehome@:\
|
||||
# :umask=022:\
|
||||
# :tc=auth-defaults:
|
||||
#
|
||||
#
|
||||
##
|
||||
## standard - standard user defaults
|
||||
##
|
||||
#standard:\
|
||||
# :copyright=/etc/COPYRIGHT:\
|
||||
# :welcome=/etc/motd:\
|
||||
# :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,EDITOR=/usr/bin/ee:\
|
||||
# :path=~/bin /bin /usr/bin /usr/local/bin:\
|
||||
# :manpath=/usr/share/man /usr/local/man:\
|
||||
# :nologin=/etc/nologin:\
|
||||
# :cputime=1h30m:\
|
||||
# :datasize=8M:\
|
||||
# :stacksize=2M:\
|
||||
# :memorylocked=4M:\
|
||||
# :memoryuse=8M:\
|
||||
# :filesize=8M:\
|
||||
# :coredumpsize=8M:\
|
||||
# :openfiles=24:\
|
||||
# :maxproc=32:\
|
||||
# :priority=0:\
|
||||
# :requirehome:\
|
||||
# :passwordperiod=90d:\
|
||||
# :umask=002:\
|
||||
# :ignoretime@:\
|
||||
# :tc=default:
|
||||
#
|
||||
#
|
||||
##
|
||||
## users of X (needs more resources!)
|
||||
##
|
||||
#xuser:\
|
||||
# :manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\
|
||||
# :cputime=4h:\
|
||||
# :datasize=12M:\
|
||||
# :stacksize=4M:\
|
||||
# :filesize=8M:\
|
||||
# :memoryuse=16M:\
|
||||
# :openfiles=32:\
|
||||
# :maxproc=48:\
|
||||
# :tc=standard:
|
||||
#
|
||||
#
|
||||
##
|
||||
## Staff users - few restrictions and allow login anytime
|
||||
##
|
||||
#staff:\
|
||||
# :ignorenologin:\
|
||||
# :ignoretime:\
|
||||
# :requirehome@:\
|
||||
# :accounted@:\
|
||||
# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
|
||||
# :umask=022:\
|
||||
# :tc=standard:
|
||||
#
|
||||
#
|
||||
##
|
||||
## root - fallback for root logins
|
||||
##
|
||||
#root:\
|
||||
# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
|
||||
# :cputime=infinity:\
|
||||
# :datasize=infinity:\
|
||||
# :stacksize=infinity:\
|
||||
# :memorylocked=infinity:\
|
||||
# :memoryuse=infinity:\
|
||||
# :filesize=infinity:\
|
||||
# :coredumpsize=infinity:\
|
||||
# :openfiles=infinity:\
|
||||
# :maxproc=infinity:\
|
||||
# :memoryuse-cur=32M:\
|
||||
# :maxproc-cur=64:\
|
||||
# :openfiles-cur=1024:\
|
||||
# :priority=0:\
|
||||
# :requirehome@:\
|
||||
# :umask=022:\
|
||||
# :tc=auth-root-defaults:
|
||||
#
|
||||
#
|
||||
##
|
||||
## Settings used by /etc/rc
|
||||
##
|
||||
#daemon:\
|
||||
# :coredumpsize@:\
|
||||
# :coredumpsize-cur=0:\
|
||||
# :datasize=infinity:\
|
||||
# :datasize-cur@:\
|
||||
# :maxproc=512:\
|
||||
# :maxproc-cur@:\
|
||||
# :memoryuse-cur=64M:\
|
||||
# :memorylocked-cur=64M:\
|
||||
# :openfiles=1024:\
|
||||
# :openfiles-cur@:\
|
||||
# :stacksize=16M:\
|
||||
# :stacksize-cur@:\
|
||||
# :tc=default:
|
||||
#
|
||||
#
|
||||
##
|
||||
## Settings used by news subsystem
|
||||
##
|
||||
#news:\
|
||||
# :path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
|
||||
# :cputime=infinity:\
|
||||
# :filesize=128M:\
|
||||
# :datasize-cur=64M:\
|
||||
# :stacksize-cur=32M:\
|
||||
# :coredumpsize-cur=0:\
|
||||
# :maxmemorysize-cur=128M:\
|
||||
# :memorylocked=32M:\
|
||||
# :maxproc=128:\
|
||||
# :openfiles=256:\
|
||||
# :tc=default:
|
||||
#
|
||||
#
|
||||
##
|
||||
## The dialer class should be used for a dialup PPP/SLIP accounts
|
||||
## Welcome messages/news suppressed
|
||||
##
|
||||
#dialer:\
|
||||
# :hushlogin:\
|
||||
# :requirehome@:\
|
||||
# :cputime=unlimited:\
|
||||
# :filesize=2M:\
|
||||
# :datasize=2M:\
|
||||
# :stacksize=4M:\
|
||||
# :coredumpsize=0:\
|
||||
# :memoryuse=4M:\
|
||||
# :memorylocked=1M:\
|
||||
# :maxproc=16:\
|
||||
# :openfiles=32:\
|
||||
# :tc=standard:
|
||||
#
|
||||
#
|
||||
##
|
||||
## Site full-time 24/7 PPP/SLIP connections
|
||||
## - no time accounting, restricted to access via dialin lines
|
||||
##
|
||||
#site:\
|
||||
# :ignoretime:\
|
||||
# :passwordperiod@:\
|
||||
# :refreshtime@:\
|
||||
# :refreshperiod@:\
|
||||
# :sessionlimit@:\
|
||||
# :autodelete@:\
|
||||
# :expireperiod@:\
|
||||
# :graceexpire@:\
|
||||
# :gracetime@:\
|
||||
# :warnexpire@:\
|
||||
# :warnpassword@:\
|
||||
# :idletime@:\
|
||||
# :sessiontime@:\
|
||||
# :daytime@:\
|
||||
# :weektime@:\
|
||||
# :monthtime@:\
|
||||
# :warntime@:\
|
||||
# :accounted@:\
|
||||
# :tc=dialer:\
|
||||
# :tc=staff:
|
||||
#
|
||||
#
|
||||
##
|
||||
## Example standard accounting entries for subscriber levels
|
||||
##
|
||||
#
|
||||
#subscriber|Subscribers:\
|
||||
# :accounted:\
|
||||
# :refreshtime=180d:\
|
||||
# :refreshperiod@:\
|
||||
# :sessionlimit@:\
|
||||
# :autodelete=30d:\
|
||||
# :expireperiod=180d:\
|
||||
# :graceexpire=7d:\
|
||||
# :gracetime=10m:\
|
||||
# :warnexpire=7d:\
|
||||
# :warnpassword=7d:\
|
||||
# :idletime=30m:\
|
||||
# :sessiontime=4h:\
|
||||
# :daytime=6h:\
|
||||
# :weektime=40h:\
|
||||
# :monthtime=120h:\
|
||||
# :warntime=4h:\
|
||||
# :tc=standard:
|
||||
#
|
||||
#
|
||||
##
|
||||
## Subscriber accounts. These accounts have their login times
|
||||
## accounted and have access limits applied.
|
||||
##
|
||||
#subppp|PPP Subscriber Accounts:\
|
||||
# :tc=dialer:\
|
||||
# :tc=subscriber:
|
||||
#
|
||||
#
|
||||
#subslip|SLIP Subscriber Accounts:\
|
||||
# :tc=dialer:\
|
||||
# :tc=subscriber:
|
||||
#
|
||||
#
|
||||
#subshell:Shell Subscriber Accounts:\
|
||||
# :tc=subscriber:
|
||||
#
|
||||
#
|
||||
##
|
||||
## Russian Users Accounts. Setup proper environment variables.
|
||||
##
|
||||
#russian:Russian Users Accounts:\
|
||||
# :charset=KOI8-R:\
|
||||
# :lang=ru_RU.KOI8-R:\
|
||||
# :tc=default:
|
Loading…
Reference in New Issue
Block a user