Annotation of src/usr.bin/login/login.1, Revision 1.20
1.20 ! jmc 1: .\" $OpenBSD: login.1,v 1.19 2002/10/16 01:08:56 millert Exp $
1.1 deraadt 2: .\"
3: .\" Copyright (c) 1980, 1990, 1993
4: .\" The Regents of the University of California. All rights reserved.
5: .\"
6: .\" Redistribution and use in source and binary forms, with or without
7: .\" modification, are permitted provided that the following conditions
8: .\" are met:
9: .\" 1. Redistributions of source code must retain the above copyright
10: .\" notice, this list of conditions and the following disclaimer.
11: .\" 2. Redistributions in binary form must reproduce the above copyright
12: .\" notice, this list of conditions and the following disclaimer in the
13: .\" documentation and/or other materials provided with the distribution.
14: .\" 3. All advertising materials mentioning features or use of this software
15: .\" must display the following acknowledgement:
16: .\" This product includes software developed by the University of
17: .\" California, Berkeley and its contributors.
18: .\" 4. Neither the name of the University nor the names of its contributors
19: .\" may be used to endorse or promote products derived from this software
20: .\" without specific prior written permission.
21: .\"
22: .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23: .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24: .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25: .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26: .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27: .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28: .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29: .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30: .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31: .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32: .\" SUCH DAMAGE.
33: .\"
34: .\" @(#)login.1 8.2 (Berkeley) 5/5/94
35: .\"
36: .Dd May 5, 1994
37: .Dt LOGIN 1
1.9 aaron 38: .Os
1.1 deraadt 39: .Sh NAME
40: .Nm login
41: .Nd log into the computer
42: .Sh SYNOPSIS
43: .Nm login
44: .Op Fl fp
45: .Op Fl h Ar hostname
1.15 millert 46: .Op Fl L Ar local-ip-address
47: .Op Fl R Ar remote-ip-address
1.14 millert 48: .Op Fl u Ar username
1.1 deraadt 49: .Op Ar user
50: .Sh DESCRIPTION
51: The
1.9 aaron 52: .Nm
1.1 deraadt 53: utility logs users (and pseudo-users) into the computer system.
54: .Pp
55: If no user is specified, or if a user is specified and authentication
56: of the user fails,
1.9 aaron 57: .Nm
1.1 deraadt 58: prompts for a user name.
1.15 millert 59: Authentication of users is normally done via passwords, though
60: external authentication mechanisms may be used (see
1.16 mpech 61: .Xr login.conf 5 ) .
1.15 millert 62: To specify the alternate authentication mechanism
63: .Va style ,
64: the string
65: .Li : Ns Va style
66: is appended to the user name (i.e.,
67: .Ar user Ns Li : Ns Va style Ns ).
1.1 deraadt 68: .Pp
69: The options are as follows:
70: .Bl -tag -width Ds
71: .It Fl f
72: The
73: .Fl f
74: option is used when a user name is specified to indicate that proper
75: authentication has already been done and that no password need be
76: requested.
1.12 aaron 77: This option may only be used by the superuser or when an already
1.1 deraadt 78: logged in user is logging in as themselves.
1.11 deraadt 79: .It Fl h Ar hostname
1.14 millert 80: Specifies the host from which the connection was received.
81: It is used by various daemons such as
82: .Xr telnetd 8 .
83: This option may only be used by the superuser.
1.15 millert 84: .It Fl L
85: The
86: .Fl L
1.20 ! jmc 87: option specifies the local IP address of a socket such as telnetd
1.15 millert 88: would use.
89: This information is passed on to any classify script (see
90: .Xr login.conf 5 ) .
1.1 deraadt 91: .It Fl p
92: By default,
1.9 aaron 93: .Nm
1.1 deraadt 94: discards any previous environment.
95: The
96: .Fl p
97: option disables this behavior.
1.15 millert 98: .It Fl R
99: The
100: .Fl R
1.20 ! jmc 101: option specifies the remote IP address of a socket such as telnetd
1.15 millert 102: would use.
103: This information is passed on to any classify script (see
104: .Xr login.conf 5 ) .
105: .It Fl u Ar username
106: Specifies the remote user that initiated the connection.
107: It is used by various daemons such as
108: .Xr telnetd 8 .
109: This option may only be used by the superuser.
1.1 deraadt 110: .El
111: .Pp
112: If the file
113: .Pa /etc/nologin
1.15 millert 114: exists (and the
115: .Dq ignorenologin
116: boolean is not set in the user's login class),
1.9 aaron 117: .Nm
1.1 deraadt 118: displays its contents to the user and exits.
119: This is used by
1.12 aaron 120: .Xr shutdown 8
1.1 deraadt 121: to prevent users from logging in when the system is about to go down.
122: .Pp
1.3 deraadt 123: If the file
124: .Pa /etc/fbtab
125: exists,
1.9 aaron 126: .Nm
1.3 deraadt 127: changes the protection and ownership of certain devices specified in this
128: file.
129: .Pp
1.10 aaron 130: If the file
1.5 millert 131: .Pa /var/log/failedlogin
1.10 aaron 132: exists,
1.9 aaron 133: .Nm
1.5 millert 134: will record failed login attempts in this file.
135: .Pp
1.1 deraadt 136: Immediately after logging a user in,
1.9 aaron 137: .Nm
1.1 deraadt 138: displays the system copyright notice, the date and time the user last
1.8 pjanzen 139: logged in, the date and time of the last unsuccessful login (if the file
1.5 millert 140: .Pa /var/log/failedlogin
141: exists), the message of the day as well as other information.
1.1 deraadt 142: If the file
143: .Dq Pa .hushlogin
144: exists in the user's home directory, all of these messages are suppressed.
145: This is to simplify logins for non-human users, such as
1.20 ! jmc 146: .Xr uucp .
1.9 aaron 147: .Nm
1.1 deraadt 148: then records an entry in the
149: .Xr wtmp 5
150: and
151: .Xr utmp 5
152: files and executes the user's command interpreter.
153: .Pp
1.9 aaron 154: .Nm
1.7 aaron 155: enters information into the environment (see
1.1 deraadt 156: .Xr environ 7 )
1.7 aaron 157: specifying the user's home directory
158: .Pq Ev HOME ,
159: command interpreter
160: .Pq Ev SHELL ,
161: search path
162: .Pq Ev PATH ,
163: terminal type
164: .Pq Ev TERM ,
165: and user name
166: .Po both Ev LOGNAME and Ev USER
167: .Pc .
1.1 deraadt 168: .Pp
169: The standard shells,
170: .Xr csh 1
171: and
172: .Xr sh 1 ,
173: do not fork before executing the
1.9 aaron 174: .Nm
1.1 deraadt 175: utility.
1.19 millert 176: .Pp
177: Note that if
178: .Nm
179: is invoked by a non-root user, it will execute
180: .Xr su 1
181: in
182: .Nm
183: emulation mode instead.
1.14 millert 184: .Sh ENVIRONMENT
185: .Nm
186: sets the following environment variables:
187: .Bl -tag -width REMOTEHOST
188: .It Ev HOME
189: The user's home directory, as specified by the password database.
190: .It Ev SHELL
191: The user's shell, as specified by the password database.
192: .It Ev TERM
193: The user's terminal type, if it can be determined.
194: .It Ev LOGNAME
195: The user's login name.
196: .It Ev USER
197: Same as
198: .Ev LOGNAME .
199: .It Ev REMOTEHOST
200: The name of the host from which the user logged in, if the
201: .Fl h
202: flag was specified.
203: .It Ev REMOTEUSER
204: The name of the remote user who initiated the connection, if the
205: .Fl u
206: flag was specified.
207: .El
1.1 deraadt 208: .Sh FILES
1.7 aaron 209: .Bl -tag -width /var/log/failedlogin -compact
1.3 deraadt 210: .It Pa /etc/fbtab
211: changes device protections
1.15 millert 212: .It Pa /etc/login.conf
213: login configuration
1.1 deraadt 214: .It Pa /etc/motd
215: message-of-the-day
216: .It Pa /etc/nologin
217: disallows logins
218: .It Pa /var/run/utmp
219: current logins
1.15 millert 220: .It Pa /var/log/failedlogin
221: failed login account records
1.1 deraadt 222: .It Pa /var/log/lastlog
223: last login account records
224: .It Pa /var/log/wtmp
225: login account records
226: .It Pa /var/mail/user
227: system mailboxes
228: .It Pa \&.hushlogin
229: makes login quieter
230: .El
231: .Sh SEE ALSO
232: .Xr chpass 1 ,
233: .Xr passwd 1 ,
1.19 millert 234: .Xr su 1 ,
1.18 millert 235: .Xr telnet 1 ,
1.1 deraadt 236: .Xr getpass 3 ,
1.15 millert 237: .Xr setusercontext 3 ,
1.7 aaron 238: .Xr fbtab 5 ,
1.15 millert 239: .Xr login.conf 5 ,
1.1 deraadt 240: .Xr utmp 5 ,
1.7 aaron 241: .Xr environ 7
1.1 deraadt 242: .Sh HISTORY
243: A
1.9 aaron 244: .Nm
1.7 aaron 245: utility appeared in
1.17 mickey 246: .At v3 .