login.conf revision 181905 
158579Srwatson# login.conf - login class capabilities database.
221526Sdavidn#
358579Srwatson# Remember to rebuild the database after each change to this file:
458579Srwatson#
521526Sdavidn#	cap_mkdb /etc/login.conf
621526Sdavidn#
721526Sdavidn# This file controls resource limits, accounting limits and
821526Sdavidn# default user environment settings.
921526Sdavidn#
1050472Speter# $FreeBSD: head/etc/login.conf 181905 2008-08-20 08:31:58Z ed $
1121526Sdavidn#
1221526Sdavidn
1339375Smsmith# Default settings effectively disable resource limits, see the
1439375Smsmith# examples below for a starting point to enable them.
1521526Sdavidn
1642149Shoek# defaults
1721526Sdavidn# These settings are used by login(1) by default for classless users
1821526Sdavidn# Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
19149672Skeramida#
20149672Skeramida# Note that since a colon ':' is used to separate capability entries,
21149672Skeramida# a \c escape sequence must be used to embed a literal colon in the
22149672Skeramida# value or name of a capability (see the ``CGETNUM AND CGETSTR SYNTAX
23149672Skeramida# AND SEMANTICS'' section of getcap(3) for more escape sequences).
2421526Sdavidn
2521526Sdavidndefault:\
2669015Sobrien	:passwd_format=md5:\
2770189Srwatson	:copyright=/etc/COPYRIGHT:\
2821526Sdavidn	:welcome=/etc/motd:\
2987887Smikeh	:setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\
30170088Sdougb	:path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin ~/bin:\
3142515Sasami	:nologin=/var/run/nologin:\
3239375Smsmith	:cputime=unlimited:\
3339375Smsmith	:datasize=unlimited:\
3439375Smsmith	:stacksize=unlimited:\
3539375Smsmith	:memorylocked=unlimited:\
3639375Smsmith	:memoryuse=unlimited:\
3739375Smsmith	:filesize=unlimited:\
3839375Smsmith	:coredumpsize=unlimited:\
3939375Smsmith	:openfiles=unlimited:\
4039375Smsmith	:maxproc=unlimited:\
4161184Salfred	:sbsize=unlimited:\
4298853Sdillon	:vmemoryuse=unlimited:\
43181905Sed	:pseudoterminals=unlimited:\
4421538Sdavidn	:priority=0:\
4521526Sdavidn	:ignoretime@:\
4639375Smsmith	:umask=022:
4721526Sdavidn
4821943Sdavidn
4921538Sdavidn#
5039375Smsmith# A collection of common class names - forward them all to 'default'
5139375Smsmith# (login would normally do this anyway, but having a class name
5239375Smsmith#  here suppresses the diagnostic)
5321538Sdavidn#
5439375Smsmithstandard:\
5539375Smsmith	:tc=default:
5621538Sdavidnxuser:\
5739375Smsmith	:tc=default:
5821526Sdavidnstaff:\
5939375Smsmith	:tc=default:
6039375Smsmithdaemon:\
6139424Sdt	:tc=default:
6239375Smsmithnews:\
6339375Smsmith	:tc=default:
6439375Smsmithdialer:\
6539375Smsmith	:tc=default:
6621526Sdavidn
6721526Sdavidn#
6839375Smsmith# Root can always login
6921526Sdavidn#
7048814Snik# N.B.  login_getpwclass(3) will use this entry for the root account,
7148814Snik#       in preference to 'default'.
7221526Sdavidnroot:\
7339375Smsmith	:ignorenologin:\
7439375Smsmith	:tc=default:
7521526Sdavidn
7621526Sdavidn#
7739375Smsmith# Russian Users Accounts. Setup proper environment variables.
7821526Sdavidn#
7991527Srwatsonrussian|Russian Users Accounts:\
8039375Smsmith	:charset=KOI8-R:\
8139375Smsmith	:lang=ru_RU.KOI8-R:\
8221526Sdavidn	:tc=default:
8321526Sdavidn
8421526Sdavidn
8539375Smsmith######################################################################
8639375Smsmith######################################################################
8739375Smsmith##
8839375Smsmith## Example entries
89130151Sschweikh##
9039375Smsmith######################################################################
9139375Smsmith######################################################################
9239375Smsmith
9339375Smsmith## Example defaults
9439375Smsmith## These settings are used by login(1) by default for classless users
9539375Smsmith## Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
9621526Sdavidn#
9739375Smsmith#default:\
9839375Smsmith#	:cputime=infinity:\
9939375Smsmith#	:datasize-cur=22M:\
10039375Smsmith#	:stacksize-cur=8M:\
10139375Smsmith#	:memorylocked-cur=10M:\
10239375Smsmith#	:memoryuse-cur=30M:\
10339375Smsmith#	:filesize=infinity:\
10439375Smsmith#	:coredumpsize=infinity:\
10539375Smsmith#	:maxproc-cur=64:\
10639375Smsmith#	:openfiles-cur=64:\
10739375Smsmith#	:priority=0:\
10839375Smsmith#	:requirehome@:\
10939375Smsmith#	:umask=022:\
11039375Smsmith#	:tc=auth-defaults:
11121526Sdavidn#
11221526Sdavidn#
11339375Smsmith##
11439375Smsmith## standard - standard user defaults
11539375Smsmith##
11639375Smsmith#standard:\
11770189Srwatson#	:copyright=/etc/COPYRIGHT:\
11839375Smsmith#	:welcome=/etc/motd:\
11943220Sdg#	:setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\
12039375Smsmith#	:path=~/bin /bin /usr/bin /usr/local/bin:\
12139375Smsmith#	:manpath=/usr/share/man /usr/local/man:\
12242587Sasami#	:nologin=/var/run/nologin:\
12339375Smsmith#	:cputime=1h30m:\
12439375Smsmith#	:datasize=8M:\
12598853Sdillon#	:vmemoryuse=100M:\
12639375Smsmith#	:stacksize=2M:\
12739375Smsmith#	:memorylocked=4M:\
12839375Smsmith#	:memoryuse=8M:\
12939375Smsmith#	:filesize=8M:\
13039375Smsmith#	:coredumpsize=8M:\
13139375Smsmith#	:openfiles=24:\
13239375Smsmith#	:maxproc=32:\
13339375Smsmith#	:priority=0:\
13439375Smsmith#	:requirehome:\
13546209Shoek#	:passwordtime=90d:\
13639375Smsmith#	:umask=002:\
13739375Smsmith#	:ignoretime@:\
13839375Smsmith#	:tc=default:
13921526Sdavidn#
14021526Sdavidn#
14139375Smsmith##
14239375Smsmith## users of X (needs more resources!)
14339375Smsmith##
14439375Smsmith#xuser:\
145170088Sdougb#	:manpath=/usr/share/man /usr/local/man:\
14639375Smsmith#	:cputime=4h:\
14739375Smsmith#	:datasize=12M:\
14898853Sdillon#	:vmemoryuse=infinity:\
14939375Smsmith#	:stacksize=4M:\
15039375Smsmith#	:filesize=8M:\
15139375Smsmith#	:memoryuse=16M:\
15239375Smsmith#	:openfiles=32:\
15339375Smsmith#	:maxproc=48:\
15439375Smsmith#	:tc=standard:
15525369Sache#
15625369Sache#
15739375Smsmith##
15839375Smsmith## Staff users - few restrictions and allow login anytime
15939375Smsmith##
16039375Smsmith#staff:\
16139375Smsmith#	:ignorenologin:\
16239375Smsmith#	:ignoretime:\
16339375Smsmith#	:requirehome@:\
16439375Smsmith#	:accounted@:\
16539375Smsmith#	:path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
16639375Smsmith#	:umask=022:\
16739375Smsmith#	:tc=standard:
16839375Smsmith#
16939375Smsmith#
17039375Smsmith##
17139375Smsmith## root - fallback for root logins
17239375Smsmith##
17339375Smsmith#root:\
17439375Smsmith#	:path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
17539375Smsmith#	:cputime=infinity:\
17639375Smsmith#	:datasize=infinity:\
17739375Smsmith#	:stacksize=infinity:\
17839375Smsmith#	:memorylocked=infinity:\
17939375Smsmith#	:memoryuse=infinity:\
18039375Smsmith#	:filesize=infinity:\
18139375Smsmith#	:coredumpsize=infinity:\
18239375Smsmith#	:openfiles=infinity:\
18339375Smsmith#	:maxproc=infinity:\
18439375Smsmith#	:memoryuse-cur=32M:\
18539375Smsmith#	:maxproc-cur=64:\
18639375Smsmith#	:openfiles-cur=1024:\
18739375Smsmith#	:priority=0:\
18839375Smsmith#	:requirehome@:\
18939375Smsmith#	:umask=022:\
19039375Smsmith#	:tc=auth-root-defaults:
19139375Smsmith#
19239375Smsmith#
19339375Smsmith##
19439375Smsmith## Settings used by /etc/rc
19539375Smsmith##
19639375Smsmith#daemon:\
19739375Smsmith#	:coredumpsize@:\
19839375Smsmith#	:coredumpsize-cur=0:\
19939375Smsmith#	:datasize=infinity:\
20039375Smsmith#	:datasize-cur@:\
20139375Smsmith#	:maxproc=512:\
20239375Smsmith#	:maxproc-cur@:\
20339375Smsmith#	:memoryuse-cur=64M:\
20439375Smsmith#	:memorylocked-cur=64M:\
20539375Smsmith#	:openfiles=1024:\
20639375Smsmith#	:openfiles-cur@:\
20739375Smsmith#	:stacksize=16M:\
20839375Smsmith#	:stacksize-cur@:\
20939375Smsmith#	:tc=default:
21039375Smsmith#
21139375Smsmith#
21239375Smsmith##
21339375Smsmith## Settings used by news subsystem
21439375Smsmith##
21539375Smsmith#news:\
21639375Smsmith#	:path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
21739375Smsmith#	:cputime=infinity:\
21839375Smsmith#	:filesize=128M:\
21939375Smsmith#	:datasize-cur=64M:\
22039375Smsmith#	:stacksize-cur=32M:\
22139375Smsmith#	:coredumpsize-cur=0:\
22239375Smsmith#	:maxmemorysize-cur=128M:\
22339375Smsmith#	:memorylocked=32M:\
22439375Smsmith#	:maxproc=128:\
22539375Smsmith#	:openfiles=256:\
22639375Smsmith#	:tc=default:
22739375Smsmith#
22839375Smsmith#
22939375Smsmith##
23039375Smsmith## The dialer class should be used for a dialup PPP/SLIP accounts
23139375Smsmith## Welcome messages/news suppressed
23239375Smsmith##
23339375Smsmith#dialer:\
23439375Smsmith#	:hushlogin:\
23539375Smsmith#	:requirehome@:\
23639375Smsmith#	:cputime=unlimited:\
23739375Smsmith#	:filesize=2M:\
23839375Smsmith#	:datasize=2M:\
23939375Smsmith#	:stacksize=4M:\
24039375Smsmith#	:coredumpsize=0:\
24139375Smsmith#	:memoryuse=4M:\
24239375Smsmith#	:memorylocked=1M:\
24339375Smsmith#	:maxproc=16:\
24439375Smsmith#	:openfiles=32:\
24539375Smsmith#	:tc=standard:
24639375Smsmith#
24739375Smsmith#
24839375Smsmith##
24939375Smsmith## Site full-time 24/7 PPP/SLIP connections
25039375Smsmith## - no time accounting, restricted to access via dialin lines
25139375Smsmith##
25239375Smsmith#site:\
25339375Smsmith#	:ignoretime:\
25446209Shoek#	:passwordtime@:\
25539375Smsmith#	:refreshtime@:\
25639375Smsmith#	:refreshperiod@:\
25739375Smsmith#	:sessionlimit@:\
25839375Smsmith#	:autodelete@:\
25939375Smsmith#	:expireperiod@:\
26039375Smsmith#	:graceexpire@:\
26139375Smsmith#	:gracetime@:\
26239375Smsmith#	:warnexpire@:\
26339375Smsmith#	:warnpassword@:\
26439375Smsmith#	:idletime@:\
26539375Smsmith#	:sessiontime@:\
26639375Smsmith#	:daytime@:\
26739375Smsmith#	:weektime@:\
26839375Smsmith#	:monthtime@:\
26939375Smsmith#	:warntime@:\
27039375Smsmith#	:accounted@:\
27139375Smsmith#	:tc=dialer:\
27239375Smsmith#	:tc=staff:
27339375Smsmith#
27439375Smsmith#
27539375Smsmith##
27639375Smsmith## Example standard accounting entries for subscriber levels
27739375Smsmith##
27839375Smsmith#
27939375Smsmith#subscriber|Subscribers:\
28039375Smsmith#	:accounted:\
28139375Smsmith#	:refreshtime=180d:\
28239375Smsmith#	:refreshperiod@:\
28339375Smsmith#	:sessionlimit@:\
28439375Smsmith#	:autodelete=30d:\
28539375Smsmith#	:expireperiod=180d:\
28639375Smsmith#	:graceexpire=7d:\
28739375Smsmith#	:gracetime=10m:\
28839375Smsmith#	:warnexpire=7d:\
28939375Smsmith#	:warnpassword=7d:\
29039375Smsmith#	:idletime=30m:\
29139375Smsmith#	:sessiontime=4h:\
29239375Smsmith#	:daytime=6h:\
29339375Smsmith#	:weektime=40h:\
29439375Smsmith#	:monthtime=120h:\
29539375Smsmith#	:warntime=4h:\
29639375Smsmith#	:tc=standard:
29739375Smsmith#
29839375Smsmith#
29939375Smsmith##
30039375Smsmith## Subscriber accounts. These accounts have their login times
30139375Smsmith## accounted and have access limits applied.
30239375Smsmith##
30339375Smsmith#subppp|PPP Subscriber Accounts:\
30439375Smsmith#	:tc=dialer:\
30539375Smsmith#	:tc=subscriber:
30639375Smsmith#
30739375Smsmith#
30839375Smsmith#subslip|SLIP Subscriber Accounts:\
30939375Smsmith#	:tc=dialer:\
31039375Smsmith#	:tc=subscriber:
31139375Smsmith#
31239375Smsmith#
31391528Srwatson#subshell|Shell Subscriber Accounts:\
31439375Smsmith#	:tc=subscriber:
31539375Smsmith#
31669015Sobrien##
31769015Sobrien## If you want some of the accounts to use traditional UNIX DES based
31869015Sobrien## password hashes.
31969015Sobrien##
32069015Sobrien#des_users:\
32183325Sru#	:passwd_format=des:\
32269015Sobrien#	:tc=default:
323