Annotation of src/usr.bin/login/login.1, Revision 1.23
1.23 ! millert 1: .\" $OpenBSD: login.1,v 1.22 2003/06/10 09:12:10 jmc Exp $
1.1 deraadt 2: .\"
3: .\" Copyright (c) 1980, 1990, 1993
4: .\" The Regents of the University of California. All rights reserved.
5: .\"
6: .\" Redistribution and use in source and binary forms, with or without
7: .\" modification, are permitted provided that the following conditions
8: .\" are met:
9: .\" 1. Redistributions of source code must retain the above copyright
10: .\" notice, this list of conditions and the following disclaimer.
11: .\" 2. Redistributions in binary form must reproduce the above copyright
12: .\" notice, this list of conditions and the following disclaimer in the
13: .\" documentation and/or other materials provided with the distribution.
1.21 millert 14: .\" 3. Neither the name of the University nor the names of its contributors
1.1 deraadt 15: .\" may be used to endorse or promote products derived from this software
16: .\" without specific prior written permission.
17: .\"
18: .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
19: .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20: .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21: .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
22: .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23: .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24: .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25: .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26: .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27: .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28: .\" SUCH DAMAGE.
29: .\"
30: .\" @(#)login.1 8.2 (Berkeley) 5/5/94
31: .\"
32: .Dd May 5, 1994
33: .Dt LOGIN 1
1.9 aaron 34: .Os
1.1 deraadt 35: .Sh NAME
36: .Nm login
37: .Nd log into the computer
38: .Sh SYNOPSIS
39: .Nm login
40: .Op Fl fp
41: .Op Fl h Ar hostname
1.15 millert 42: .Op Fl L Ar local-ip-address
43: .Op Fl R Ar remote-ip-address
1.14 millert 44: .Op Fl u Ar username
1.1 deraadt 45: .Op Ar user
46: .Sh DESCRIPTION
47: The
1.9 aaron 48: .Nm
1.1 deraadt 49: utility logs users (and pseudo-users) into the computer system.
50: .Pp
51: If no user is specified, or if a user is specified and authentication
52: of the user fails,
1.9 aaron 53: .Nm
1.1 deraadt 54: prompts for a user name.
1.15 millert 55: Authentication of users is normally done via passwords, though
56: external authentication mechanisms may be used (see
1.16 mpech 57: .Xr login.conf 5 ) .
1.15 millert 58: To specify the alternate authentication mechanism
59: .Va style ,
60: the string
61: .Li : Ns Va style
62: is appended to the user name (i.e.,
1.22 jmc 63: .Ar user Ns Li : Ns Va style ) .
1.1 deraadt 64: .Pp
65: The options are as follows:
66: .Bl -tag -width Ds
67: .It Fl f
68: The
69: .Fl f
70: option is used when a user name is specified to indicate that proper
71: authentication has already been done and that no password need be
72: requested.
1.12 aaron 73: This option may only be used by the superuser or when an already
1.1 deraadt 74: logged in user is logging in as themselves.
1.11 deraadt 75: .It Fl h Ar hostname
1.14 millert 76: Specifies the host from which the connection was received.
77: It is used by various daemons such as
78: .Xr telnetd 8 .
79: This option may only be used by the superuser.
1.15 millert 80: .It Fl L
81: The
82: .Fl L
1.20 jmc 83: option specifies the local IP address of a socket such as telnetd
1.15 millert 84: would use.
85: This information is passed on to any classify script (see
86: .Xr login.conf 5 ) .
1.1 deraadt 87: .It Fl p
88: By default,
1.9 aaron 89: .Nm
1.1 deraadt 90: discards any previous environment.
91: The
92: .Fl p
93: option disables this behavior.
1.15 millert 94: .It Fl R
95: The
96: .Fl R
1.20 jmc 97: option specifies the remote IP address of a socket such as telnetd
1.15 millert 98: would use.
99: This information is passed on to any classify script (see
100: .Xr login.conf 5 ) .
101: .It Fl u Ar username
102: Specifies the remote user that initiated the connection.
103: It is used by various daemons such as
104: .Xr telnetd 8 .
105: This option may only be used by the superuser.
1.1 deraadt 106: .El
107: .Pp
108: If the file
109: .Pa /etc/nologin
1.15 millert 110: exists (and the
111: .Dq ignorenologin
112: boolean is not set in the user's login class),
1.9 aaron 113: .Nm
1.1 deraadt 114: displays its contents to the user and exits.
115: This is used by
1.12 aaron 116: .Xr shutdown 8
1.1 deraadt 117: to prevent users from logging in when the system is about to go down.
118: .Pp
1.3 deraadt 119: If the file
120: .Pa /etc/fbtab
121: exists,
1.9 aaron 122: .Nm
1.3 deraadt 123: changes the protection and ownership of certain devices specified in this
124: file.
125: .Pp
1.10 aaron 126: If the file
1.5 millert 127: .Pa /var/log/failedlogin
1.10 aaron 128: exists,
1.9 aaron 129: .Nm
1.5 millert 130: will record failed login attempts in this file.
131: .Pp
1.1 deraadt 132: Immediately after logging a user in,
1.9 aaron 133: .Nm
1.1 deraadt 134: displays the system copyright notice, the date and time the user last
1.8 pjanzen 135: logged in, the date and time of the last unsuccessful login (if the file
1.5 millert 136: .Pa /var/log/failedlogin
137: exists), the message of the day as well as other information.
1.1 deraadt 138: If the file
139: .Dq Pa .hushlogin
140: exists in the user's home directory, all of these messages are suppressed.
141: This is to simplify logins for non-human users, such as
1.20 jmc 142: .Xr uucp .
1.9 aaron 143: .Nm
1.1 deraadt 144: then records an entry in the
145: .Xr wtmp 5
146: and
147: .Xr utmp 5
148: files and executes the user's command interpreter.
149: .Pp
1.9 aaron 150: .Nm
1.7 aaron 151: enters information into the environment (see
1.1 deraadt 152: .Xr environ 7 )
1.7 aaron 153: specifying the user's home directory
154: .Pq Ev HOME ,
155: command interpreter
156: .Pq Ev SHELL ,
157: search path
158: .Pq Ev PATH ,
159: terminal type
160: .Pq Ev TERM ,
161: and user name
162: .Po both Ev LOGNAME and Ev USER
163: .Pc .
1.1 deraadt 164: .Pp
165: The standard shells,
166: .Xr csh 1
167: and
168: .Xr sh 1 ,
169: do not fork before executing the
1.9 aaron 170: .Nm
1.1 deraadt 171: utility.
1.19 millert 172: .Pp
173: Note that if
174: .Nm
175: is invoked by a non-root user, it will execute
176: .Xr su 1
177: in
178: .Nm
179: emulation mode instead.
1.14 millert 180: .Sh ENVIRONMENT
181: .Nm
182: sets the following environment variables:
183: .Bl -tag -width REMOTEHOST
184: .It Ev HOME
185: The user's home directory, as specified by the password database.
186: .It Ev SHELL
187: The user's shell, as specified by the password database.
188: .It Ev TERM
189: The user's terminal type, if it can be determined.
190: .It Ev LOGNAME
191: The user's login name.
192: .It Ev USER
193: Same as
194: .Ev LOGNAME .
195: .It Ev REMOTEHOST
196: The name of the host from which the user logged in, if the
197: .Fl h
198: flag was specified.
199: .It Ev REMOTEUSER
200: The name of the remote user who initiated the connection, if the
201: .Fl u
202: flag was specified.
203: .El
1.23 ! millert 204: .Pp
! 205: Other environment variables may be specified in
! 206: .Pa /etc/login.conf
! 207: via the
! 208: .Dq setenv
! 209: capability.
1.1 deraadt 210: .Sh FILES
1.7 aaron 211: .Bl -tag -width /var/log/failedlogin -compact
1.3 deraadt 212: .It Pa /etc/fbtab
213: changes device protections
1.15 millert 214: .It Pa /etc/login.conf
215: login configuration
1.1 deraadt 216: .It Pa /etc/motd
217: message-of-the-day
218: .It Pa /etc/nologin
219: disallows logins
220: .It Pa /var/run/utmp
221: current logins
1.15 millert 222: .It Pa /var/log/failedlogin
223: failed login account records
1.1 deraadt 224: .It Pa /var/log/lastlog
225: last login account records
226: .It Pa /var/log/wtmp
227: login account records
228: .It Pa /var/mail/user
229: system mailboxes
230: .It Pa \&.hushlogin
231: makes login quieter
232: .El
233: .Sh SEE ALSO
234: .Xr chpass 1 ,
235: .Xr passwd 1 ,
1.19 millert 236: .Xr su 1 ,
1.18 millert 237: .Xr telnet 1 ,
1.1 deraadt 238: .Xr getpass 3 ,
1.15 millert 239: .Xr setusercontext 3 ,
1.7 aaron 240: .Xr fbtab 5 ,
1.15 millert 241: .Xr login.conf 5 ,
1.1 deraadt 242: .Xr utmp 5 ,
1.7 aaron 243: .Xr environ 7
1.1 deraadt 244: .Sh HISTORY
245: A
1.9 aaron 246: .Nm
1.7 aaron 247: utility appeared in
1.17 mickey 248: .At v3 .