1 # login.conf - login class capabilities database.
3 # Remember to rebuild the database after each change to this file:
5 # cap_mkdb /etc/login.conf
7 # This file controls resource limits, accounting limits and
8 # default user environment settings.
13 # Default settings effectively disable resource limits, see the
14 # examples below for a starting point to enable them.
17 # These settings are used by login(1) by default for classless users
18 # Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
20 # Note that since a colon ':' is used to separate capability entries,
21 # a \c escape sequence must be used to embed a literal colon in the
22 # value or name of a capability (see the ``CGETNUM AND CGETSTR SYNTAX
23 # AND SEMANTICS'' section of getcap(3) for more escape sequences).
26 :passwd_format=sha512:\
27 :copyright=/etc/COPYRIGHT:\
29 :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\
30 :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin ~/bin:\
31 :nologin=/var/run/nologin:\
34 :stacksize=unlimited:\
36 :memoryuse=unlimited:\
38 :coredumpsize=unlimited:\
39 :openfiles=unlimited:\
42 :vmemoryuse=unlimited:\
44 :pseudoterminals=unlimited:\
51 # A collection of common class names - forward them all to 'default'
52 # (login would normally do this anyway, but having a class name
53 # here suppresses the diagnostic)
70 # Root can always login
72 # N.B. login_getpwclass(3) will use this entry for the root account,
73 # in preference to 'default'.
76 :memorylocked=unlimited:\
80 # Russian Users Accounts. Setup proper environment variables.
82 russian|Russian Users Accounts:\
88 ######################################################################
89 ######################################################################
93 ######################################################################
94 ######################################################################
97 ## These settings are used by login(1) by default for classless users
98 ## Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
101 # :cputime=infinity:\
102 # :datasize-cur=22M:\
103 # :stacksize-cur=8M:\
104 # :memorylocked-cur=10M:\
105 # :memoryuse-cur=30M:\
106 # :filesize=infinity:\
107 # :coredumpsize=infinity:\
109 # :openfiles-cur=64:\
117 ## standard - standard user defaults
120 # :copyright=/etc/COPYRIGHT:\
121 # :welcome=/etc/motd:\
122 # :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\
123 # :path=~/bin /bin /usr/bin /usr/local/bin:\
124 # :manpath=/usr/share/man /usr/local/man:\
125 # :nologin=/var/run/nologin:\
138 # :passwordtime=90d:\
145 ## users of X (needs more resources!)
148 # :manpath=/usr/share/man /usr/local/man:\
151 # :vmemoryuse=infinity:\
161 ## Staff users - few restrictions and allow login anytime
168 # :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
174 ## root - fallback for root logins
177 # :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
178 # :cputime=infinity:\
179 # :datasize=infinity:\
180 # :stacksize=infinity:\
181 # :memorylocked=infinity:\
182 # :memoryuse=infinity:\
183 # :filesize=infinity:\
184 # :coredumpsize=infinity:\
185 # :openfiles=infinity:\
186 # :maxproc=infinity:\
187 # :memoryuse-cur=32M:\
189 # :openfiles-cur=1024:\
193 # :tc=auth-root-defaults:
197 ## Settings used by /etc/rc
201 # :coredumpsize-cur=0:\
202 # :datasize=infinity:\
206 # :memoryuse-cur=64M:\
207 # :memorylocked-cur=64M:\
216 ## Settings used by news subsystem
219 # :path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
220 # :cputime=infinity:\
222 # :datasize-cur=64M:\
223 # :stacksize-cur=32M:\
224 # :coredumpsize-cur=0:\
225 # :maxmemorysize-cur=128M:\
226 # :memorylocked=32M:\
233 ## The dialer class should be used for a dialup PPP account
234 ## Welcome messages/news suppressed
239 # :cputime=unlimited:\
252 ## Site full-time 24/7 PPP connection
253 ## - no time accounting, restricted to access via dialin lines
279 ## Example standard accounting entries for subscriber levels
282 #subscriber|Subscribers:\
284 # :refreshtime=180d:\
288 # :expireperiod=180d:\
303 ## Subscriber accounts. These accounts have their login times
304 ## accounted and have access limits applied.
306 #subppp|PPP Subscriber Accounts:\
311 #subshell|Shell Subscriber Accounts:\
315 ## If you want some of the accounts to use traditional UNIX DES based
319 # :passwd_format=des:\