File: [local] / src / etc / Attic / login.conf.in (download)
Revision 1.4, Tue Jul 26 15:16:12 2011 UTC (12 years, 10 months ago) by sthen
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE, OPENBSD_5_0 Changes since 1.3: +8 -1 lines
Show an example of overriding a limit for a specific daemon with rc.d(8).
Use bgpd(8) for this which on a peering router often needs openfiles-cur
to be higher than the default. ok henning@ claudio@ deraadt@
|
# $OpenBSD: login.conf.in,v 1.4 2011/07/26 15:16:12 sthen Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# token Generic X9.9 token authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin:\
:umask=022:\
:datasize-max=@DEF_DATASIZE_MAX@:\
:datasize-cur=@DEF_DATASIZE_CUR@:\
:maxproc-max=@DEF_MAXPROC_MAX@:\
:maxproc-cur=@DEF_MAXPROC_CUR@:\
:openfiles-cur=@DEF_OPENFILES_CUR@:\
:stacksize-cur=4M:\
:localcipher=blowfish,@DEF_BLOWFISH_RNDS@:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,@ROOT_BLOWFISH_RNDS@:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=@STAFF_DATASIZE_CUR@:\
:datasize-max=@STAFF_DATASIZE_MAX@:\
:maxproc-max=@STAFF_MAXPROC_MAX@:\
:maxproc-cur=@STAFF_MAXPROC_CUR@:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon: