Annotation of src/usr.bin/login/login.1, Revision 1.33
1.33 ! jsg 1: .\" $OpenBSD: login.1,v 1.32 2016/09/04 17:05:53 gsoares Exp $
1.1 deraadt 2: .\"
3: .\" Copyright (c) 1980, 1990, 1993
4: .\" The Regents of the University of California. All rights reserved.
5: .\"
6: .\" Redistribution and use in source and binary forms, with or without
7: .\" modification, are permitted provided that the following conditions
8: .\" are met:
9: .\" 1. Redistributions of source code must retain the above copyright
10: .\" notice, this list of conditions and the following disclaimer.
11: .\" 2. Redistributions in binary form must reproduce the above copyright
12: .\" notice, this list of conditions and the following disclaimer in the
13: .\" documentation and/or other materials provided with the distribution.
1.21 millert 14: .\" 3. Neither the name of the University nor the names of its contributors
1.1 deraadt 15: .\" may be used to endorse or promote products derived from this software
16: .\" without specific prior written permission.
17: .\"
18: .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
19: .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20: .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21: .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
22: .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23: .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24: .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25: .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26: .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27: .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28: .\" SUCH DAMAGE.
29: .\"
30: .\" @(#)login.1 8.2 (Berkeley) 5/5/94
31: .\"
1.33 ! jsg 32: .Dd $Mdocdate: September 4 2016 $
1.1 deraadt 33: .Dt LOGIN 1
1.9 aaron 34: .Os
1.1 deraadt 35: .Sh NAME
36: .Nm login
37: .Nd log into the computer
38: .Sh SYNOPSIS
39: .Nm login
40: .Op Fl fp
41: .Op Fl h Ar hostname
1.26 jmc 42: .Op Fl L Ar local-addr
43: .Op Fl R Ar remote-addr
1.14 millert 44: .Op Fl u Ar username
1.1 deraadt 45: .Op Ar user
46: .Sh DESCRIPTION
47: The
1.9 aaron 48: .Nm
1.1 deraadt 49: utility logs users (and pseudo-users) into the computer system.
50: .Pp
51: If no user is specified, or if a user is specified and authentication
52: of the user fails,
1.9 aaron 53: .Nm
1.1 deraadt 54: prompts for a user name.
1.15 millert 55: Authentication of users is normally done via passwords, though
56: external authentication mechanisms may be used (see
1.16 mpech 57: .Xr login.conf 5 ) .
1.15 millert 58: To specify the alternate authentication mechanism
59: .Va style ,
60: the string
1.31 schwarze 61: .Pf : Va style
1.15 millert 62: is appended to the user name (i.e.,
1.31 schwarze 63: .Ar user : Ns Va style ) .
1.1 deraadt 64: .Pp
65: The options are as follows:
66: .Bl -tag -width Ds
67: .It Fl f
68: The
69: .Fl f
70: option is used when a user name is specified to indicate that proper
71: authentication has already been done and that no password need be
72: requested.
1.29 martynas 73: This option may only be used by the superuser.
1.11 deraadt 74: .It Fl h Ar hostname
1.14 millert 75: Specifies the host from which the connection was received.
76: This option may only be used by the superuser.
1.26 jmc 77: .It Fl L Ar local-addr
1.15 millert 78: The
79: .Fl L
1.26 jmc 80: option specifies the local address of a socket.
1.15 millert 81: This information is passed on to any classify script (see
82: .Xr login.conf 5 ) .
1.1 deraadt 83: .It Fl p
84: By default,
1.9 aaron 85: .Nm
1.1 deraadt 86: discards any previous environment.
87: The
88: .Fl p
89: option disables this behavior.
1.26 jmc 90: .It Fl R Ar remote-addr
1.15 millert 91: The
92: .Fl R
1.26 jmc 93: option specifies the remote address of a socket.
1.15 millert 94: This information is passed on to any classify script (see
95: .Xr login.conf 5 ) .
96: .It Fl u Ar username
97: Specifies the remote user that initiated the connection.
98: This option may only be used by the superuser.
1.1 deraadt 99: .El
100: .Pp
101: If the file
102: .Pa /etc/nologin
1.15 millert 103: exists (and the
104: .Dq ignorenologin
105: boolean is not set in the user's login class),
1.9 aaron 106: .Nm
1.1 deraadt 107: displays its contents to the user and exits.
108: This is used by
1.12 aaron 109: .Xr shutdown 8
1.1 deraadt 110: to prevent users from logging in when the system is about to go down.
111: .Pp
1.3 deraadt 112: If the file
113: .Pa /etc/fbtab
114: exists,
1.9 aaron 115: .Nm
1.3 deraadt 116: changes the protection and ownership of certain devices specified in this
117: file.
118: .Pp
1.10 aaron 119: If the file
1.5 millert 120: .Pa /var/log/failedlogin
1.10 aaron 121: exists,
1.9 aaron 122: .Nm
1.5 millert 123: will record failed login attempts in this file.
124: .Pp
1.1 deraadt 125: Immediately after logging a user in,
1.9 aaron 126: .Nm
1.1 deraadt 127: displays the system copyright notice, the date and time the user last
1.8 pjanzen 128: logged in, the date and time of the last unsuccessful login (if the file
1.5 millert 129: .Pa /var/log/failedlogin
130: exists), the message of the day as well as other information.
1.1 deraadt 131: If the file
132: .Dq Pa .hushlogin
133: exists in the user's home directory, all of these messages are suppressed.
1.30 tedu 134: This is to simplify logins for non-human users.
1.9 aaron 135: .Nm
1.1 deraadt 136: then records an entry in the
137: .Xr wtmp 5
138: and
139: .Xr utmp 5
140: files and executes the user's command interpreter.
141: .Pp
1.9 aaron 142: .Nm
1.7 aaron 143: enters information into the environment (see
1.1 deraadt 144: .Xr environ 7 )
1.7 aaron 145: specifying the user's home directory
146: .Pq Ev HOME ,
147: command interpreter
148: .Pq Ev SHELL ,
149: search path
150: .Pq Ev PATH ,
151: terminal type
152: .Pq Ev TERM ,
153: and user name
154: .Po both Ev LOGNAME and Ev USER
155: .Pc .
1.1 deraadt 156: .Pp
157: The standard shells,
158: .Xr csh 1
159: and
160: .Xr sh 1 ,
161: do not fork before executing the
1.9 aaron 162: .Nm
1.1 deraadt 163: utility.
1.19 millert 164: .Pp
165: Note that if
166: .Nm
167: is invoked by a non-root user, it will execute
168: .Xr su 1
169: in
170: .Nm
171: emulation mode instead.
1.14 millert 172: .Sh ENVIRONMENT
173: .Nm
174: sets the following environment variables:
175: .Bl -tag -width REMOTEHOST
176: .It Ev HOME
177: The user's home directory, as specified by the password database.
178: .It Ev SHELL
179: The user's shell, as specified by the password database.
180: .It Ev TERM
181: The user's terminal type, if it can be determined.
182: .It Ev LOGNAME
183: The user's login name.
184: .It Ev USER
185: Same as
186: .Ev LOGNAME .
1.28 martynas 187: .It Ev MAIL
188: The user's mailbox.
1.14 millert 189: .It Ev REMOTEHOST
190: The name of the host from which the user logged in, if the
191: .Fl h
192: flag was specified.
193: .It Ev REMOTEUSER
194: The name of the remote user who initiated the connection, if the
195: .Fl u
196: flag was specified.
197: .El
1.23 millert 198: .Pp
199: Other environment variables may be specified in
200: .Pa /etc/login.conf
201: via the
202: .Dq setenv
203: capability.
1.1 deraadt 204: .Sh FILES
1.7 aaron 205: .Bl -tag -width /var/log/failedlogin -compact
1.3 deraadt 206: .It Pa /etc/fbtab
207: changes device protections
1.15 millert 208: .It Pa /etc/login.conf
209: login configuration
1.1 deraadt 210: .It Pa /etc/motd
211: message-of-the-day
212: .It Pa /etc/nologin
213: disallows logins
1.15 millert 214: .It Pa /var/log/failedlogin
215: failed login account records
1.1 deraadt 216: .It Pa /var/log/lastlog
217: last login account records
218: .It Pa /var/log/wtmp
219: login account records
220: .It Pa /var/mail/user
221: system mailboxes
1.25 jmc 222: .It Pa /var/run/utmp
223: current logins
1.1 deraadt 224: .It Pa \&.hushlogin
225: makes login quieter
226: .El
227: .Sh SEE ALSO
228: .Xr chpass 1 ,
229: .Xr passwd 1 ,
1.19 millert 230: .Xr su 1 ,
1.18 millert 231: .Xr telnet 1 ,
1.32 gsoares 232: .Xr readpassphrase 3 ,
1.15 millert 233: .Xr setusercontext 3 ,
1.7 aaron 234: .Xr fbtab 5 ,
1.15 millert 235: .Xr login.conf 5 ,
1.1 deraadt 236: .Xr utmp 5 ,
1.7 aaron 237: .Xr environ 7
1.1 deraadt 238: .Sh HISTORY
239: A
1.9 aaron 240: .Nm
1.7 aaron 241: utility appeared in
1.33 ! jsg 242: .At v2 .