xref: /dragonfly/etc/login.conf (revision 25a2db75) 
1# login.conf - login class capabilities database.
2#
3# Remember to rebuild the database after each change to this file:
4#
5#	cap_mkdb /etc/login.conf
6#
7# This file controls resource limits, accounting limits and
8# default user environment settings.
9#
10# $FreeBSD: src/etc/login.conf,v 1.34.2.6 2002/07/02 20:06:18 dillon Exp $
11# $DragonFly: src/etc/login.conf,v 1.5 2006/08/12 16:47:18 dillon Exp $
12#
13
14# Default settings effectively disable resource limits, see the
15# examples below for a starting point to enable them.
16
17# defaults
18# These settings are used by login(1) by default for classless users
19# Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
20
21default:\
22	:passwd_format=sha512:\
23	:copyright=/etc/COPYRIGHT:\
24	:welcome=/etc/motd:\
25	:setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\
26	:path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/pkg/sbin /usr/pkg/bin ~/bin:\
27	:nologin=/var/run/nologin:\
28	:cputime=unlimited:\
29	:datasize=unlimited:\
30	:stacksize=unlimited:\
31	:memorylocked=unlimited:\
32	:memoryuse=unlimited:\
33	:filesize=unlimited:\
34	:coredumpsize=unlimited:\
35	:openfiles=unlimited:\
36	:maxproc=unlimited:\
37	:posixlocks=unlimited:\
38	:sbsize=unlimited:\
39	:vmemoryuse=unlimited:\
40	:priority=0:\
41	:ignoretime@:\
42	:umask=022:
43
44
45#
46# A collection of common class names - forward them all to 'default'
47# (login would normally do this anyway, but having a class name
48#  here suppresses the diagnostic)
49#
50standard:\
51	:tc=default:
52xuser:\
53	:tc=default:
54staff:\
55	:tc=default:
56daemon:\
57	:tc=default:
58news:\
59	:tc=default:
60dialer:\
61	:tc=default:
62
63#
64# Root can always login
65#
66# N.B.  login_getpwclass(3) will use this entry for the root account,
67#       in preference to 'default'.
68root:\
69	:ignorenologin:\
70	:tc=default:
71
72#
73# Russian Users Accounts. Setup proper environment variables.
74#
75russian|Russian Users Accounts:\
76	:charset=KOI8-R:\
77	:lang=ru_RU.KOI8-R:\
78	:tc=default:
79
80
81######################################################################
82######################################################################
83##
84## Example entries
85##
86######################################################################
87######################################################################
88
89## Example defaults
90## These settings are used by login(1) by default for classless users
91## Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
92#
93#default:\
94#	:cputime=infinity:\
95#	:datasize-cur=22M:\
96#	:stacksize-cur=8M:\
97#	:memorylocked-cur=10M:\
98#	:memoryuse-cur=30M:\
99#	:filesize=infinity:\
100#	:coredumpsize=infinity:\
101#	:maxproc-cur=64:\
102#	:openfiles-cur=64:\
103#	:priority=0:\
104#	:requirehome@:\
105#	:umask=022:\
106#	:tc=auth-defaults:
107#
108#
109##
110## standard - standard user defaults
111##
112#standard:\
113#	:copyright=/etc/COPYRIGHT:\
114#	:welcome=/etc/motd:\
115#	:setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\
116#	:path=~/bin /bin /usr/bin /usr/local/bin:\
117#	:manpath=/usr/share/man /usr/local/man:\
118#	:nologin=/var/run/nologin:\
119#	:cputime=1h30m:\
120#	:datasize=8M:\
121#	:vmemoryuse=100M:\
122#	:stacksize=2M:\
123#	:memorylocked=4M:\
124#	:memoryuse=8M:\
125#	:filesize=8M:\
126#	:coredumpsize=8M:\
127#	:openfiles=24:\
128#	:maxproc=32:\
129#	:priority=0:\
130#	:requirehome:\
131#	:passwordtime=90d:\
132#	:umask=002:\
133#	:ignoretime@:\
134#	:tc=default:
135#
136#
137##
138## users of X (needs more resources!)
139##
140#xuser:\
141#	:manpath=/usr/share/man /usr/pkg/man /usr/local/man:\
142#	:cputime=4h:\
143#	:datasize=12M:\
144#	:vmemoryuse=infinity:\
145#	:stacksize=4M:\
146#	:filesize=8M:\
147#	:memoryuse=16M:\
148#	:openfiles=32:\
149#	:maxproc=48:\
150#	:tc=standard:
151#
152#
153##
154## Staff users - few restrictions and allow login anytime
155##
156#staff:\
157#	:ignorenologin:\
158#	:ignoretime:\
159#	:requirehome@:\
160#	:accounted@:\
161#	:path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
162#	:umask=022:\
163#	:tc=standard:
164#
165#
166##
167## root - fallback for root logins
168##
169#root:\
170#	:path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
171#	:cputime=infinity:\
172#	:datasize=infinity:\
173#	:stacksize=infinity:\
174#	:memorylocked=infinity:\
175#	:memoryuse=infinity:\
176#	:filesize=infinity:\
177#	:coredumpsize=infinity:\
178#	:openfiles=infinity:\
179#	:maxproc=infinity:\
180#	:memoryuse-cur=32M:\
181#	:maxproc-cur=64:\
182#	:openfiles-cur=1024:\
183#	:priority=0:\
184#	:requirehome@:\
185#	:umask=022:\
186#	:tc=auth-root-defaults:
187#
188#
189##
190## Settings used by /etc/rc
191##
192#daemon:\
193#	:coredumpsize@:\
194#	:coredumpsize-cur=0:\
195#	:datasize=infinity:\
196#	:datasize-cur@:\
197#	:maxproc=512:\
198#	:maxproc-cur@:\
199#	:memoryuse-cur=64M:\
200#	:memorylocked-cur=64M:\
201#	:openfiles=1024:\
202#	:openfiles-cur@:\
203#	:stacksize=16M:\
204#	:stacksize-cur@:\
205#	:tc=default:
206#
207#
208##
209## Settings used by news subsystem
210##
211#news:\
212#	:path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
213#	:cputime=infinity:\
214#	:filesize=128M:\
215#	:datasize-cur=64M:\
216#	:stacksize-cur=32M:\
217#	:coredumpsize-cur=0:\
218#	:maxmemorysize-cur=128M:\
219#	:memorylocked=32M:\
220#	:maxproc=128:\
221#	:openfiles=256:\
222#	:tc=default:
223#
224#
225##
226## The dialer class should be used for a dialup PPP/SLIP accounts
227## Welcome messages/news suppressed
228##
229#dialer:\
230#	:hushlogin:\
231#	:requirehome@:\
232#	:cputime=unlimited:\
233#	:filesize=2M:\
234#	:datasize=2M:\
235#	:stacksize=4M:\
236#	:coredumpsize=0:\
237#	:memoryuse=4M:\
238#	:memorylocked=1M:\
239#	:maxproc=16:\
240#	:openfiles=32:\
241#	:tc=standard:
242#
243#
244##
245## Site full-time 24/7 PPP/SLIP connections
246## - no time accounting, restricted to access via dialin lines
247##
248#site:\
249#	:ignoretime:\
250#	:passwordtime@:\
251#	:refreshtime@:\
252#	:refreshperiod@:\
253#	:sessionlimit@:\
254#	:autodelete@:\
255#	:expireperiod@:\
256#	:graceexpire@:\
257#	:gracetime@:\
258#	:warnexpire@:\
259#	:warnpassword@:\
260#	:idletime@:\
261#	:sessiontime@:\
262#	:daytime@:\
263#	:weektime@:\
264#	:monthtime@:\
265#	:warntime@:\
266#	:accounted@:\
267#	:tc=dialer:\
268#	:tc=staff:
269#
270#
271##
272## Example standard accounting entries for subscriber levels
273##
274#
275#subscriber|Subscribers:\
276#	:accounted:\
277#	:refreshtime=180d:\
278#	:refreshperiod@:\
279#	:sessionlimit@:\
280#	:autodelete=30d:\
281#	:expireperiod=180d:\
282#	:graceexpire=7d:\
283#	:gracetime=10m:\
284#	:warnexpire=7d:\
285#	:warnpassword=7d:\
286#	:idletime=30m:\
287#	:sessiontime=4h:\
288#	:daytime=6h:\
289#	:weektime=40h:\
290#	:monthtime=120h:\
291#	:warntime=4h:\
292#	:tc=standard:
293#
294#
295##
296## Subscriber accounts. These accounts have their login times
297## accounted and have access limits applied.
298##
299#subppp|PPP Subscriber Accounts:\
300#	:tc=dialer:\
301#	:tc=subscriber:
302#
303#
304#subslip|SLIP Subscriber Accounts:\
305#	:tc=dialer:\
306#	:tc=subscriber:
307#
308#
309#subshell|Shell Subscriber Accounts:\
310#	:tc=subscriber:
311#
312##
313## If you want some of the accounts to use traditional UNIX DES based
314## password hashes.
315##
316#des_users:\
317#	:passwd_format=des:\
318#	:tc=default:
319