summaryrefslogblamecommitdiffstats
path: root/login-utils/login.1
blob: d5d372d88bdc8347ead3f6f747bc6a6d49d0b78c (plain) (tree) 
6dbe3af94


232dc924c ^

6dbe3af94

7d6b450d7 ^

6dbe3af94

7d6b450d7 ^







92e386cac ^


7d6b450d7 ^





6dbe3af94


bc4aa3b58 ^

7d6b450d7 ^

6dbe3af94



7d6b450d7 ^



6dbe3af94

7d6b450d7 ^

6dbe3af94

7d6b450d7 ^





6dbe3af94

7d6b450d7 ^
















6dbe3af94

7d6b450d7 ^


6dbe3af94

7d6b450d7 ^








fd6b7a7ff ^

6dbe3af94









7d6b450d7 ^











6dbe3af94



















fd6b7a7ff ^


726f69e29 ^

067f5343c ^







92e386cac ^







0effd19e0 ^



4d8fc09c2 ^



















9abd9cded ^





ca5ee2a83 ^



f950752b9 ^


ca5ee2a83 ^

738246edb ^





45d0a30ea ^









84d3c9ffb ^











738246edb ^

84d3c9ffb ^





91d0a9135 ^







cea8ec53d ^








9f7293ea8 ^












6dbe3af94


726f69e29 ^



cad18f615 ^

6dbe3af94



067f5343c ^


ee74f262b ^

6dbe3af94











fd6b7a7ff ^

6dbe3af94





7eda085c4 ^










6dbe3af94

fd6b7a7ff ^


6dbe3af94


ee74f262b ^


86d62711a ^

601d12fb1 ^


1
2

3

4

5

6

7
8
9
10
11
12
13

14
15

16
17
18
19
20

21
22

23

24

25
26
27

28
29
30

31

32

33

34
35
36
37
38

39

40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55

56

57
58

59

60
61
62
63
64
65
66
67

68

69
70
71
72
73
74
75
76
77

78
79
80
81
82
83
84
85
86
87
88

89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107

108
109

110

111
112
113
114
115
116
117

118
119
120
121
122
123
124

125
126
127

128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146

147
148
149
150
151

152
153
154

155
156

157

158
159
160
161
162

163
164
165
166
167
168
169
170
171

172
173
174
175
176
177
178
179
180
181
182

183

184
185
186
187
188

189
190
191
192
193
194
195

196
197
198
199
200
201
202
203

204
205
206
207
208
209
210
211
212
213
214
215

216
217

218
219
220

221

222
223
224

225
226

227

228
229
230
231
232
233
234
235
236
237
238

239

240
241
242
243
244

245
246
247
248
249
250
251
252
253
254

255

256
257

258
259

260
261

262

263
264


                                                           
                                                     
        
                                    
            






        

       




            

               
                                   
                        


                         


                                                                           
        
                                             
 




                                                                            
 















                                                                      
                        

                                 
 







                                                                  
       








                                               










                                                                        


















                                                                   

                                                                      
 






                                                                                    






                                                                     


                       


















                                                                               




                                                       


                         

                                                                       
   




                                                    








                                                                                   










                                                                              
 




                                                                       






                                                                              







                                                                            











                                                                                           

         


                   
                    


               

                    
                  










                
 




                                                      









                                                                          
          

                                                                    

                                                     

                                                            
                

                                                                         
.\" Copyright 1993 Rickard E. Faith (faith@cs.unc.edu)
.\" May be distributed under the GNU General Public License
.TH LOGIN 1 "March 2009" "util-linux" "User Commands"
.SH NAME
login \- begin session on the system
.SH SYNOPSIS
.B login
[
.BR \-p
] [
.BR \-h
.IR host
] [
.BR \-H
] [
.BR \-f
.IR username
|
.IR username
]
.SH DESCRIPTION
.B login
is used when signing onto a system.
If no argument is given,
.B login
prompts for the username.

The user is then prompted for a password, where approprate.  Echoing is
disabled to prevent revealing the password. Only a small number of password
failures are permitted before
.B login
exits and the communications link is severed.

If password aging has been enabled for the account, the user may be prompted
for a new password before proceeding. He will be forced to provide his old
password and the new password before continuing. Please refer to
.BR passwd (1)
for more information.

The user and group ID will be set according to their values in the
.I /etc/passwd
file. There is one exception if the user ID is zero: in this case,
only the primary group ID of the account is set. This should prevent
that the system adminitrator cannot login in case of network problems.
The value for
.BR $HOME ,
.BR $SHELL ,
.BR $PATH ,
.BR $LOGNAME ,
and
.B $MAIL
are set according to the appropriate fields in the password entry.
.B $PATH
defaults to
.I /usr/local/bin:/bin:/usr/bin:.
for normal users, and to
.I /sbin:/bin:/usr/sbin:/usr/bin
for root if not other configured.

The environment variable
.B $TERM
will be preserved, if it exists (other environment variables are
preserved if the
.B \-p
option is given) or be initialize to the terminal type on your tty

Then the user's shell is started. If no shell is specified for the
user in
.BR /etc/passwd ,
then
.B /bin/sh
is used.  If there is no directory specified in
.IR /etc/passwd ,
then
.I /
is used (the home directory is checked for the
.I .hushlogin
file described below).

If the file
.I .hushlogin
exists, then a "quiet" login is performed (this disables the checking
of mail and the printing of the last login time and message of the day).
Otherwise, if
.I /var/log/lastlog
exists, the last login time is printed (and the current login is
recorded).

.SH OPTIONS
.TP
.B \-p
Used by
.BR getty (8)
to tell
.B login
not to destroy the environment
.TP
.B \-f
Used to skip a second login authentication.  This specifically does
.B not
work for root, and does not appear to work well under Linux.
.TP
.B \-h
Used by other servers (i.e.,
.BR telnetd (8))
to pass the name of the remote host to
.B login
so that it may be placed in utmp and wtmp.  Only the superuser may use
this option.

Note that the \fB-h\fP option has impact on the \fBPAM service name\fP. The standard
service name is "login", with the \fB-h\fP option the name is "remote". It's
necessary to create a proper PAM config files (e.g.
.I /etc/pam.d/login
and 
.I /etc/pam.d/remote
).
.TP
.B \-H
Used by other servers (i.e.,
.BR telnetd (8))
to tell
.B login
that printing the hostname should be suppressed in the login: prompt.
.TP
.B \-V
Print version and exit.

.SH CONFIG FILE ITEMS
.B login
reads the
.IR /etc/login.defs (5)
configuration file. Note that the configuration file could be distributed with
another package (e.g. shadow-utils). The following configuration items are
relevant for
.BR login (1):
.PP
\fBMOTD_FILE\fR (string)
.RS 4
If defined, ":" delimited list of "message of the day" files to be displayed
upon login. The default value is "/etc/motd". If the \fBMOTD_FILE\fR item is
empty or "quiet" login is enabled then the message of the day is not displayed.
Note that the same functionality is also provided by
.BR pam_motd (8)
PAM module.
.RE
.PP
\fBLOGIN_TIMEOUT\fR (number)
.RS 4
Max time in seconds for login. The default value is 60.
.RE
.PP
\fBFAIL_DELAY\fR (number)
.RS 4
Delay in seconds before being allowed another three tries after a login
failure. The default value is 5.
.RE
.PP
\fBTTYPERM\fR (string)
.RS 4
The terminal permissions. The default value is 0600.
.RE
.PP
\fBTTYGROUP\fR (string)
.RS 4
The login tty will be owned by the
\fBTTYGROUP\fR. The default value is 'tty'. If the \fBTTYGROUP\fR does not exist
then the ownership of the terminal is set to the user\'s primary group.
.SP
The \fBTTYGROUP\fR can be either the name of a group or a numeric group identifier.
.RE
.PP
\fBHUSHLOGIN_FILE\fR (string)
.RS 4
If defined, this file can inhibit all the usual chatter during the login
sequence.  If a full pathname (e.g. /etc/hushlogins) is specified, then hushed
mode will be enabled if the user\'s name or shell are found in the file. If
this global hush login file is empty then the hushed mode will be enabled for
all users.

If not a full pathname is specified, then hushed mode will be enabled if the
file exists in the user\'s home directory.

The default is to check "/etc/hushlogins" and if does not exist then
"~/.hushlogin".

If the \fBHUSHLOGIN_FILE\fR item is empty then all checks are disabled.
.RE
.PP
\fBDEFAULT_HOME\fR (boolean)
.RS 4
Indicate if login is allowed if we can\'t cd to the home directory. If set to
\fIyes\fR, the user will login in the root (/) directory if it is not possible
to cd to her home directory. The default value is 'yes'.
.RE
.PP
\fBLOG_UNKFAIL_ENAB\fR (boolean)
.RS 4
Enable display of unknown usernames when login failures are recorded\&.
.sp
Note that logging unknown usernames may be a security issue if an user enter
her password instead of her login name.
.RE
.PP
\fBENV_PATH\fR (string)
.RS 4
If set, it will be used to define the PATH environment variable when a regular
user login. The default value is "/usr/local/bin:/bin:/usr/bin".
.RE
.PP
\fBENV_ROOTPATH\fR (string), \fBENV_SUPATH\fR (string)
.RS 4
If set, it will be used to define the PATH environment variable when the superuser
login. The default value is "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin".
.RE
.SH FILES
.nf
.I /var/run/utmp
.I /var/log/wtmp
.I /var/log/lastlog
.I /var/spool/mail/*
.I /etc/motd
.I /etc/passwd
.I /etc/nologin
.I /etc/pam.d/login
.I /etc/pam.d/remote
.I /etc/hushlogins
.I .hushlogin
.fi
.SH "SEE ALSO"
.BR init (8),
.BR getty (8),
.BR mail (1),
.BR passwd (1),
.BR passwd (5),
.BR environ (7),
.BR shutdown (8)
.SH BUGS

The undocumented BSD
.B \-r
option is not supported.  This may be required by some
.BR rlogind (8)
programs.

A recursive login, as used to be possible in the good old days,
no longer works; for most purposes
.BR su (1)
is a satisfactory substitute. Indeed, for security reasons,
login does a vhangup() system call to remove any possible
listening processes on the tty. This is to avoid password
sniffing. If one uses the command "login", then the surrounding shell
gets killed by vhangup() because it's no longer the true owner of the tty.
This can be avoided by using "exec login" in a top-level shell or xterm.
.SH AUTHOR
Derived from BSD login 5.40 (5/9/89) by Michael Glad (glad@daimi.dk)
for HP-UX
.br
Ported to Linux 0.12: Peter Orbaek (poe@daimi.aau.dk)
.br
Rewritten to PAM-only version by Karel Zak (kzak@redhat.com)
.SH AVAILABILITY
The login command is part of the util-linux package and is available from
ftp://ftp.kernel.org/pub/linux/utils/util-linux/.
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-05-19 12:18:39 +0200