home *** CD-ROM | disk | FTP | other *** search

---

/ IRIX Base Documentation 1998 November / IRIX 6.5.2 Base Documentation November 1998.img / usr / share / catman / u_man / cat1 / login.z / login

Wrap

Text File  |  1998-10-20  |  39KB  |  529 lines

---

1.  
2.  
3.  
4. llllooooggggiiiinnnn((((1111))))                                                              llllooooggggiiiinnnn((((1111))))
5.  
6.  
7.  
8. NNNNAAAAMMMMEEEE
9.      _llll_oooo_gggg_iiii_nnnn - sign on
10.  
11. SSSSYYYYNNNNOOOOPPPPSSSSIIIISSSS
12.      _llll_oooo_gggg_iiii_nnnn [ _----_dddd _d_e_v_i_c_e ] [ _n_a_m_e [ _e_n_v_i_r_o_n ... ]]
13.  
14. DDDDEEEESSSSCCCCRRRRIIIIPPPPTTTTIIIIOOOONNNN
15.      The _llll_oooo_gggg_iiii_nnnn command is used at the beginning of each terminal session and
16.      allows you to identify yourself to the system.  It is invoked by the
17.      system when a connection is first established.  It is invoked by the
18.      system when a previous user has terminated the initial shell by typing a
19.      <Ctrl-d> to indicate an end-of-file.
20.  
21.      If _llll_oooo_gggg_iiii_nnnn is invoked as a command, it must replace the initial command
22.      interpreter.  This is accomplished by typing
23.  
24.           _eeee_xxxx_eeee_cccc _llll_oooo_gggg_iiii_nnnn
25.  
26.      from the initial shell.
27.  
28.      _llll_oooo_gggg_iiii_nnnn asks for your user name (if it is not supplied as an argument) and,
29.      if appropriate, your password.  Echoing is turned off (where possible)
30.      during the typing of your password, so it does not appear on the written
31.      record of the session.
32.  
33.      _llll_oooo_gggg_iiii_nnnn reads _////_eeee_tttt_cccc_////_dddd_eeee_ffff_aaaa_uuuu_llll_tttt_////_llll_oooo_gggg_iiii_nnnn to determine default behavior.  To change
34.      the defaults, the system administrator should edit this file.  The syntax
35.      of the below lines within the _////_eeee_tttt_cccc_////_dddd_eeee_ffff_aaaa_uuuu_llll_tttt_////_llll_oooo_gggg_iiii_nnnn file _mmmm_uuuu_ssss_tttt _nnnn_oooo_tttt contain
36.      any whitespaces.  The examples shown below are login defaults.
37.      Recognized values are:
38.  
39.      _CCCC_OOOO_NNNN_SSSS_OOOO_LLLL_EEEE_====_d_e_v_i_c_e   If defined, only allows root logins on the device
40.                       specified, typically _////_dddd_eeee_vvvv_////_cccc_oooo_nnnn_ssss_oooo_llll_eeee.  This MUST NOT be
41.                       defined as either _////_dddd_eeee_vvvv_////_ssss_yyyy_ssss_cccc_oooo_nnnn or _////_dddd_eeee_vvvv_////_ssss_yyyy_ssss_tttt_tttt_yyyy.  If
42.                       undefined, root can log in on any device.
43.  
44.      _PPPP_AAAA_SSSS_SSSS_RRRR_EEEE_QQQQ_====_NNNN_OOOO       Determines whether all accounts must have passwords.  If
45.                       _YYYY_EEEE_SSSS, and user has no password, they are prompted for one
46.                       at login time.
47.  
48.      _MMMM_AAAA_NNNN_DDDD_PPPP_AAAA_SSSS_SSSS_====_NNNN_OOOO      Like _PPPP_AAAA_SSSS_SSSS_RRRR_EEEE_QQQQ, but doesn't allow users with no password
49.                       to log in.
50.  
51.      _AAAA_LLLL_TTTT_SSSS_HHHH_EEEE_LLLL_LLLL_====_YYYY_EEEE_SSSS     If _YYYY_EEEE_SSSS, the environment variable SHELL is initialized.
52.  
53.      _UUUU_MMMM_AAAA_SSSS_KKKK_====_0000_2222_2222        Default umask, in octal.
54.  
55.      _TTTT_IIII_MMMM_EEEE_OOOO_UUUU_TTTT_====_6666_0000       Exit login after this many seconds of inactivity
56.                       (maximum 900, or 15 minutes)
57.  
58.  
59.  
60.  
61.  
62.  
63.                                                                         PPPPaaaaggggeeee 1111
64.  
65.  
66.  
67.  
68.  
69.  
70. llllooooggggiiiinnnn((((1111))))                                                              llllooooggggiiiinnnn((((1111))))
71.  
72.  
73.  
74.      _SSSS_LLLL_EEEE_EEEE_PPPP_TTTT_IIII_MMMM_EEEE_====_1111      Sleep for this many seconds before issuing "login
75.                       incorrect" message (maximum 60 seconds).
76.  
77.      _DDDD_IIII_SSSS_AAAA_BBBB_LLLL_EEEE_TTTT_IIII_MMMM_EEEE_====_2222_0000   After _LLLL_OOOO_GGGG_FFFF_AAAA_IIII_LLLL_UUUU_RRRR_EEEE_SSSS or _MMMM_AAAA_XXXX_TTTT_RRRR_YYYY_SSSS unsuccessful attempts,
78.                       sleep for _DDDD_IIII_SSSS_AAAA_BBBB_LLLL_EEEE_TTTT_IIII_MMMM_EEEE seconds before exiting (no
79.                       maximum).
80.  
81.      _MMMM_AAAA_XXXX_TTTT_RRRR_YYYY_SSSS_====_3333        Exit login after _MMMM_AAAA_XXXX_TTTT_RRRR_YYYY_SSSS unsuccessful attempts (0 =
82.                       unlimited attempts).
83.  
84.      _LLLL_OOOO_GGGG_FFFF_AAAA_IIII_LLLL_UUUU_RRRR_EEEE_SSSS_====_3333    If there are _LLLL_OOOO_GGGG_FFFF_AAAA_IIII_LLLL_UUUU_RRRR_EEEE_SSSS consecutive unsuccessful login
85.                       attempts, each of them is logged in _////_vvvv_aaaa_rrrr_////_aaaa_dddd_mmmm_////_llll_oooo_gggg_iiii_nnnn_llll_oooo_gggg,
86.                       if it exists.  _LLLL_OOOO_GGGG_FFFF_AAAA_IIII_LLLL_UUUU_RRRR_EEEE_SSSS has a maximum value of 20.
87.  
88.                       Note:  Users get at most the minimum of (_MMMM_AAAA_XXXX_TTTT_RRRR_YYYY_SSSS,
89.                       _LLLL_OOOO_GGGG_FFFF_AAAA_IIII_LLLL_UUUU_RRRR_EEEE_SSSS) unsuccessful attempts.
90.  
91.      _IIII_DDDD_LLLL_EEEE_WWWW_EEEE_EEEE_KKKK_SSSS_====_----_1111     If nonnegative, specify a grace period during which
92.                       users with expired passwords are allowed to enter a new
93.                       password.  In other words, accounts with expired
94.                       passwords can stay idle up to this long before being
95.                       "locked out."  If _IIII_DDDD_LLLL_EEEE_WWWW_EEEE_EEEE_KKKK_SSSS is 0, there is no grace
96.                       period, and expired passwords are the same as
97.                       invalidated passwords.
98.  
99.      _PPPP_AAAA_TTTT_HHHH_====            Path for normal users (from /usr/include/paths.h).
100.  
101.      _SSSS_UUUU_PPPP_AAAA_TTTT_HHHH_====          Path for superuser (from /usr/include/paths.h).
102.  
103.      _SSSS_YYYY_SSSS_LLLL_OOOO_GGGG_====_FFFF_AAAA_IIII_LLLL      Log to syslog all login failures (_SSSS_YYYY_SSSS_LLLL_OOOO_GGGG_====_FFFF_AAAA_IIII_LLLL) or all
104.                       successes and failures (_SSSS_YYYY_SSSS_LLLL_OOOO_GGGG_====_AAAA_LLLL_LLLL).  Log entries are
105.                       written to the LOG_AUTH facility (see _ssss_yyyy_ssss_llll_oooo_gggg(3C) and
106.                       _ssss_yyyy_ssss_llll_oooo_gggg_dddd(1M) for details).  No messages are sent to
107.                       syslog if not set.  Note that this is separate from the
108.                       login log, _////_vvvv_aaaa_rrrr_////_aaaa_dddd_mmmm_////_llll_oooo_gggg_iiii_nnnn_llll_oooo_gggg.
109.  
110.      _IIII_NNNN_IIII_TTTT_GGGG_RRRR_OOOO_UUUU_PPPP_SSSS_====_YYYY_EEEE_SSSS   If _YYYY_EEEE_SSSS, make the user session be a member of all of the
111.                       user's supplementary groups (see _mmmm_uuuu_llll_tttt_gggg_rrrr_pppp_ssss(1) or
112.                       _iiii_nnnn_iiii_tttt_gggg_rrrr_oooo_uuuu_pppp_ssss(3C)).
113.  
114.      _LLLL_AAAA_NNNN_GGGG_====_CCCC           If _LLLL_AAAA_NNNN_GGGG is set, make this the default login language.
115.                       This is used if no _LLLL_AAAA_NNNN_GGGG comes from _eeee_nnnn_vvvv_iiii_rrrr_oooo_nnnn_mmmm_eeee_nnnn_tttt (rlogind,
116.                       getty, ...) and _$$$$_HHHH_OOOO_MMMM_EEEE_////_...._llll_aaaa_nnnn_gggg does not exist or does not
117.                       contain a lang id.  Only LANG is supported, not other
118.                       locale categories such as LC_CTYPE.
119.  
120.      _SSSS_VVVV_RRRR_4444______SSSS_IIII_GGGG_NNNN_AAAA_LLLL_SSSS_====_YYYY_EEEE_SSSS Use the SVR4 semantics for the SIGXCPU and SIGXFSZ
121.                       signals.  If _SSSS_VVVV_RRRR_4444______SSSS_IIII_GGGG_NNNN_AAAA_LLLL_SSSS_====_YYYY_EEEE_SSSS, the SVR4 semantics are
122.                       preserved and all processes ignore SIGXCPU and SIGXFSZ
123.                       by default.  If _SSSS_VVVV_RRRR_4444______SSSS_IIII_GGGG_NNNN_AAAA_LLLL_SSSS_====_NNNN_OOOO, these two signals
124.                       retain their default action, which is to cause the
125.                       receiving process to core dump.  If users intend to make
126.  
127.  
128.  
129.                                                                         PPPPaaaaggggeeee 2222
130.  
131.  
132.  
133.  
134.  
135.  
136. llllooooggggiiiinnnn((((1111))))                                                              llllooooggggiiiinnnn((((1111))))
137.  
138.  
139.  
140.                       use of the CPU and filesize resource limits,
141.                       _SSSS_VVVV_RRRR_4444______SSSS_IIII_GGGG_NNNN_AAAA_LLLL_SSSS should be set to _NNNN_OOOO.  Note that using these
142.                       signals while _SSSS_VVVV_RRRR_4444______SSSS_IIII_GGGG_NNNN_AAAA_LLLL_SSSS is set to _YYYY_EEEE_SSSS causes behavior
143.                       that varies depending on the login shell.  This setting
144.                       has no affect on processes that explicitly alter the
145.                       behavior of these signals using the _ssss_iiii_gggg_nnnn_aaaa_llll(2) system
146.                       call.
147.  
148.      _SSSS_IIII_TTTT_EEEE_CCCC_HHHH_EEEE_CCCC_KKKK_====       Use an external program to authenticate users instead of
149.                       using the encrypted password field.  This allows sites
150.                       to implement other means of authentication, such as card
151.                       keys, biometrics, etc.  The program is invoked with user
152.                       name as the first argument, and remote hostname and
153.                       username, if applicable.  The action taken depend on
154.                       exit status, as follows:
155.  
156.                       _0000       Success; user was authenticated, log in.
157.  
158.                       _1111       Failure; exit login.
159.  
160.                       _2222       Failure; try again (don't exit login).
161.  
162.                       other   Use normal UNIX authentication.
163.  
164.                       If authentication fails, the program can chose to
165.                       indicate either exit code 1 or 2, as appropriate.  If
166.                       the program is not owned by root, is writable by others,
167.                       or cannot be executed, normal password authentication is
168.                       performed.  It is recommended that the program be given
169.                       a mode of 500.
170.  
171.                       Warning:  Because this option has the potential to
172.                       defeat normal IRIX security, any program used in this
173.                       way must be designed and tested very carefully.
174.  
175.      _LLLL_OOOO_CCCC_KKKK_OOOO_UUUU_TTTT_====         If nonzero, after this number of consecutive
176.                       unsuccessful login attempts by the same user, by all
177.                       instances of xdm and login, lock the account by invoking
178.                       _pppp_aaaa_ssss_ssss_wwww_dddd _----_llll _uuuu_ssss_eeee_rrrr_nnnn_aaaa_mmmm_eeee.  Note that this feature allows a
179.                       denial of service attack that may require booting from
180.                       the miniroot to fix, as even the root accounts can be
181.                       locked out.
182.  
183.      _LLLL_OOOO_CCCC_KKKK_OOOO_UUUU_TTTT_EEEE_XXXX_EEEE_MMMM_PPPP_TTTT_====   If _LLLL_OOOO_CCCC_KKKK_OOOO_UUUU_TTTT is greater than zero, the users listed as
184.                       _LLLL_OOOO_CCCC_KKKK_OOOO_UUUU_TTTT_EEEE_XXXX_EEEE_MMMM_PPPP_TTTT will _NNNN_OOOO_TTTT be subject to the _LLLL_OOOO_CCCC_KKKK_OOOO_UUUU_TTTT option.
185.                       Usernames are separated by spaces, the list must be
186.                       terminated by end-of-line, maximum list length is 240
187.                       characters. _LLLL_OOOO_CCCC_KKKK_OOOO_UUUU_TTTT_EEEE_XXXX_EEEE_MMMM_PPPP_TTTT is ignored unless _LLLL_OOOO_CCCC_KKKK_OOOO_UUUU_TTTT is
188.                       enabled, and the list is not empty. Including privileged
189.                       accounts (such as _rrrr_oooo_oooo_tttt) in the _LLLL_OOOO_CCCC_KKKK_OOOO_UUUU_TTTT_EEEE_XXXX_EEEE_MMMM_PPPP_TTTT list, is
190.                       not recommended, as it allows an indefinite number of
191.                       attacks on the exempt accounts. Also, if _LLLL_OOOO_CCCC_KKKK_OOOO_UUUU_TTTT_EEEE_XXXX_EEEE_MMMM_PPPP_TTTT
192.  
193.  
194.  
195.                                                                         PPPPaaaaggggeeee 3333
196.  
197.  
198.  
199.  
200.  
201.  
202. llllooooggggiiiinnnn((((1111))))                                                              llllooooggggiiiinnnn((((1111))))
203.  
204.  
205.  
206.                       is enabled, the _////_eeee_tttt_cccc_////_dddd_eeee_ffff_aaaa_uuuu_llll_tttt_////_llll_oooo_gggg_iiii_nnnn file should be given
207.                       a mode 400 or 600 to prevent unauthorized viewing and/or
208.                       tampering with the _LLLL_OOOO_CCCC_KKKK_OOOO_UUUU_TTTT_EEEE_XXXX_EEEE_MMMM_PPPP_TTTT list.
209.  
210.      At some installations, you may be required to enter a dialup password for
211.      dialup connections as well as a login password.  In this case, the prompt
212.      for the dialup password is:
213.  
214.           _DDDD_iiii_aaaa_llll_uuuu_pppp _PPPP_aaaa_ssss_ssss_wwww_oooo_rrrr_dddd_::::
215.  
216.      Both passwords are required for a successful login.
217.  
218.      For remote logins over the network, _llll_oooo_gggg_iiii_nnnn prints the contents of
219.      _////_eeee_tttt_cccc_////_iiii_ssss_ssss_uuuu_eeee before prompting for a username or password.  The file
220.      _////_eeee_tttt_cccc_////_nnnn_oooo_llll_oooo_gggg_iiii_nnnn disables remote logins if it exists; _llll_oooo_gggg_iiii_nnnn prints the
221.      contents of this file before disconnecting the session.
222.  
223.      The system can be configured to automate the login process after a system
224.      restart.  When the file _////_eeee_tttt_cccc_////_aaaa_uuuu_tttt_oooo_llll_oooo_gggg_iiii_nnnn exists and contains a valid user
225.      name, the system logs in as the specified user without prompting for a
226.      user name or password.  The automatic login takes place only after a
227.      system restart; once the user logs out, the normal interactive login
228.      session is used until the next restart.  This is intended to be used at
229.      sites where the normal security mechanisms provided by _llll_oooo_gggg_iiii_nnnn are not
230.      needed or desired.  If you make five incorrect login attempts, all five
231.      are logged in _////_vvvv_aaaa_rrrr_////_aaaa_dddd_mmmm_////_llll_oooo_gggg_iiii_nnnn_llll_oooo_gggg (if it exists) and the TTY line is
232.      dropped.
233.  
234.      If you do not complete the login successfully within a certain period of
235.      time (by default, 20 seconds), you are likely to be silently
236.      disconnected.
237.  
238.      After a successful login, accounting files are updated, the _////_eeee_tttt_cccc_////_pppp_rrrr_oooo_ffff_iiii_llll_eeee
239.      script is executed, the time you last logged in is printed (unless a file
240.      _...._hhhh_uuuu_ssss_hhhh_llll_oooo_gggg_iiii_nnnn is present in the user's home directory), _////_eeee_tttt_cccc_////_mmmm_oooo_tttt_dddd is
241.      printed, the user ID, group ID, supplementary group list, working
242.      directory, and command interpreter (usually _ssss_hhhh) are initialized, and the
243.      file _...._pppp_rrrr_oooo_ffff_iiii_llll_eeee in the working directory is executed, if it exists.  The
244.      name of the command interpreter is _---- followed by the last component of
245.      the interpreter's pathname (for example, _----_ssss_hhhh).  If this field in the
246.      password file is empty, the default command interpreter, _////_uuuu_ssss_rrrr_////_bbbb_iiii_nnnn_////_ssss_hhhh is
247.      used.  If this field is _****, the named directory becomes the root
248.      directory, the starting point for path searches for pathnames beginning
249.      with a _////.  At that point _llll_oooo_gggg_iiii_nnnn is re-executed at the new level which must
250.      have its own root structure.  At the very least, this root structure must
251.      include _////_dddd_eeee_vvvv_////_zzzz_eeee_rrrr_oooo, _////_eeee_tttt_cccc_////_gggg_rrrr_oooo_uuuu_pppp, _////_eeee_tttt_cccc_////_pppp_aaaa_ssss_ssss_wwww_dddd, _////_llll_iiii_bbbb_////_rrrr_llll_dddd, _////_llll_iiii_bbbb_////_llll_iiii_bbbb_cccc_...._ssss_oooo_...._1111,
252.      _////_uuuu_ssss_rrrr_////_bbbb_iiii_nnnn_////_llll_oooo_gggg_iiii_nnnn, _////_uuuu_ssss_rrrr_////_llll_iiii_bbbb_////_llll_iiii_bbbb_cccc_rrrr_yyyy_pppp_tttt_...._ssss_oooo, and _////_uuuu_ssss_rrrr_////_llll_iiii_bbbb_////_llll_iiii_bbbb_gggg_eeee_nnnn_...._ssss_oooo.  These
253.      files allow _llll_oooo_gggg_iiii_nnnn to execute correctly, but you also need to include
254.      additional files, like shells or applications, that the user is allowed
255.      to execute.  Since these applications can in turn rely on additional
256.      shared libraries, it may also be necessary to place additional shared
257.      objects in _////_uuuu_ssss_rrrr_////_llll_iiii_bbbb.  See the _ffff_tttt_pppp_dddd(1M) reference page for more
258.  
259.  
260.  
261.                                                                         PPPPaaaaggggeeee 4444
262.  
263.  
264.  
265.  
266.  
267.  
268. llllooooggggiiiinnnn((((1111))))                                                              llllooooggggiiiinnnn((((1111))))
269.  
270.  
271.  
272.      information about setting up a root environment.
273.  
274.      The basic _e_n_v_i_r_o_n_m_e_n_t is initialized to:
275.  
276.           _HHHH_OOOO_MMMM_EEEE_====_y_o_u_r-_l_o_g_i_n-_d_i_r_e_c_t_o_r_y
277.           _LLLL_OOOO_GGGG_NNNN_AAAA_MMMM_EEEE_====_y_o_u_r-_l_o_g_i_n-_n_a_m_e
278.           _PPPP_AAAA_TTTT_HHHH_====_////_uuuu_ssss_rrrr_////_bbbb_iiii_nnnn
279.           _SSSS_HHHH_EEEE_LLLL_LLLL_====_l_a_s_t-_f_i_e_l_d-_o_f-_p_a_s_s_w_d-_e_n_t_r_y
280.           _MMMM_AAAA_IIII_LLLL_====_////_vvvv_aaaa_rrrr_////_mmmm_aaaa_iiii_llll_////_y_o_u_r-_l_o_g_i_n-_n_a_m_e
281.           _LLLL_AAAA_NNNN_GGGG_====_l_a_n_g_u_a_g_e-_s_p_e_c_i_f_i_c_a_t_i_o_n
282.           _TTTT_ZZZZ_====_t_i_m_e_z_o_n_e-_s_p_e_c_i_f_i_c_a_t_i_o_n
283.  
284.      The environment can be expanded or modified by supplying additional
285.      arguments when _llll_oooo_gggg_iiii_nnnn prints the prompt requesting the user's login name.
286.      The arguments can take either of two forms:  _x_x_x or _x_x_x_====_y_y_y.  Arguments
287.      without an equal sign are placed in the environment as
288.  
289.           _LLLL_n_====_x_x_x
290.  
291.      where _n is a number that starts at 0 and is incremented each time a new
292.      variable name is required.  Variables containing _==== are placed in the
293.      environment without modification.  If such a variable is already defined,
294.      the new value replaces the old value.  To prevent users who log in to
295.      restricted shell environments from spawning secondary shells that are not
296.      restricted, the following environment variables cannot be changed:
297.  
298.           _HHHH_OOOO_MMMM_EEEE
299.           _IIII_FFFF_SSSS
300.           _LLLL_OOOO_GGGG_NNNN_AAAA_MMMM_EEEE
301.           _PPPP_AAAA_TTTT_HHHH
302.           _SSSS_HHHH_EEEE_LLLL_LLLL
303.  
304.      Attempts to set environment variables beginning with the following
305.      strings (see the _rrrr_llll_dddd(1) reference page) are ignored, and such attempts
306.      are logged via _ssss_yyyy_ssss_llll_oooo_gggg_dddd:
307.  
308.           ______RRRR_LLLL_DDDD
309.           _LLLL_DDDD______LLLL_IIII_BBBB_RRRR_AAAA_RRRR_YYYY
310.  
311.      _llll_oooo_gggg_iiii_nnnn understands simple, single-character quoting conventions.  Typing a
312.      backslash in front of a character quotes it and allows the inclusion of
313.      such characters as spaces and tabs.
314.  
315.      To enable dial-in line password protection, two files are required.  The
316.      file _////_eeee_tttt_cccc_////_dddd_iiii_aaaa_llll_uuuu_pppp_ssss must contain of the name of any dialup ports (for
317.      example, _////_dddd_eeee_vvvv_////_tttt_tttt_yyyy_dddd_2222) that require password protection.  These are
318.      specified one per line.  The second file, _////_eeee_tttt_cccc_////_dddd______pppp_aaaa_ssss_ssss_wwww_dddd consists of lines
319.      with the following format:
320.  
321.           _s_h_e_l_l:_p_a_s_s_w_o_r_d:
322.  
323.      This file is scanned when the user logs in, and if the _s_h_e_l_l portion of
324.  
325.  
326.  
327.                                                                         PPPPaaaaggggeeee 5555
328.  
329.  
330.  
331.  
332.  
333.  
334. llllooooggggiiiinnnn((((1111))))                                                              llllooooggggiiiinnnn((((1111))))
335.  
336.  
337.  
338.      any line matches the command interpreter that the user gets, the user is
339.      prompted for an additional dialin password, which is encoded and compared
340.      to that specified in the _p_a_s_s_w_o_r_d portion of the line.  If the command
341.      interpreter cannot be found, the entry for the default shell, _////_ssss_bbbb_iiii_nnnn_////_ssss_hhhh,
342.      (or, for compatibility with existing configurations, _////_bbbb_iiii_nnnn_////_ssss_hhhh) is used.
343.      (If both are present, the last one in file is used.)  If there is no such
344.      entry, no dialup password is required.  In other words, the _////_eeee_tttt_cccc_////_dddd______pppp_aaaa_ssss_ssss_wwww_dddd
345.      entry for _////_ssss_bbbb_iiii_nnnn_////_ssss_hhhh is the default.
346.  
347. SSSSHHHHAAAARRRREEEE IIIIIIII AAAACCCCTTTTIIIIOOOONNNNSSSS
348.      If the Share II system is installed and enabled, _llll_oooo_gggg_iiii_nnnn prints the
349.      message:
350.  
351.           _SSSS_hhhh_aaaa_rrrr_eeee _llll_oooo_gggg_iiii_nnnn _oooo_nnnn _t_t_y_n_a_m_e.
352.  
353.      The following privilege and resource checks are made after you have
354.      successfully entered your password, but before the initial shell is
355.      started:
356.  
357.      1.  If your _nnnn_oooo_llll_oooo_gggg_iiii_nnnn flag is set, or you are already logged on and your
358.          _oooo_nnnn_eeee_llll_oooo_gggg_iiii_nnnn flag is set, you are denied login.
359.  
360.      2.  If a disk usage exceeds its soft disk limit in any of your domains, a
361.          message is printed and you are given a _w_a_r_n_i_n_g.  If you accumulate
362.          too many warnings, further login attempts are denied and you must see
363.          your subadministrator to rectify the situation.  Whenever you log in
364.          or connect by remote shell with no disk usages in excess of any soft
365.          limits, all your accumulated warnings are cleared.
366.  
367.      3.  If you do not have permission to use the terminal, as determined by
368.          the respective terminal permission flag, you are denied login.
369.  
370.      4.  Some installations place limits on terminal connect time, both
371.          through logins and remote shell connections.  If you have already
372.          reached your connect time limit, you are denied login.  Otherwise, if
373.          the terminal costs more or less to use than normal terminals, its
374.          cost is printed.  Your remaining connect time is also printed.
375.  
376.      If all these checks are passed, _llll_oooo_gggg_iiii_nnnn proceeds normally.
377.  
378. NNNNOOOOTTTTEEEESSSS
379.      Autologin is controlled by the existence of the _////_eeee_tttt_cccc_////_aaaa_uuuu_tttt_oooo_llll_oooo_gggg_iiii_nnnn_...._oooo_nnnn file.
380.      The file is normally created at boot time to automate the login process
381.      and then removed by _llll_oooo_gggg_iiii_nnnn to disable the autologin process for succeeding
382.      terminal sessions.
383.  
384.      In the default configuration, encrypted passwords for users are kept in
385.      the system password file, _////_eeee_tttt_cccc_////_pppp_aaaa_ssss_ssss_wwww_dddd, which is a text file and is
386.      readable by any system user.  The program _pppp_wwww_cccc_oooo_nnnn_vvvv(1M) can be used by the
387.      system administrator to activate the shadow password mechanism.  When
388.      shadow passwords are enabled, the encrypted passwords are kept only in
389.      _////_eeee_tttt_cccc_////_ssss_hhhh_aaaa_dddd_oooo_wwww, a file that is only readable by the superuser.  Refer to the
390.  
391.  
392.  
393.                                                                         PPPPaaaaggggeeee 6666
394.  
395.  
396.  
397.  
398.  
399.  
400. llllooooggggiiiinnnn((((1111))))                                                              llllooooggggiiiinnnn((((1111))))
401.  
402.  
403.  
404.      _pppp_wwww_cccc_oooo_nnnn_vvvv(1M) reference page for more information about shadow passwords.
405.  
406. FFFFIIIILLLLEEEESSSS
407.      _////_eeee_tttt_cccc_////_dddd_iiii_aaaa_llll_uuuu_pppp_ssss
408.      _////_eeee_tttt_cccc_////_dddd______pppp_aaaa_ssss_ssss_wwww_dddd
409.      _////_eeee_tttt_cccc_////_mmmm_oooo_tttt_dddd            message of the day
410.      _////_eeee_tttt_cccc_////_pppp_aaaa_ssss_ssss_wwww_dddd          password file
411.      _////_eeee_tttt_cccc_////_ssss_hhhh_aaaa_dddd_oooo_wwww          shadow password file
412.      _////_eeee_tttt_cccc_////_pppp_rrrr_oooo_ffff_iiii_llll_eeee         system profile
413.      _$$$$_HHHH_OOOO_MMMM_EEEE_////_...._pppp_rrrr_oooo_ffff_iiii_llll_eeee       user's login profile
414.      _$$$$_HHHH_OOOO_MMMM_EEEE_////_...._llll_aaaa_nnnn_gggg          user's login language specification
415.      _////_uuuu_ssss_rrrr_////_llll_iiii_bbbb_////_iiii_aaaa_ffff_////_ssss_cccc_hhhh_eeee_mmmm_eeee  _llll_oooo_gggg_iiii_nnnn authentication scheme
416.      _////_vvvv_aaaa_rrrr_////_aaaa_dddd_mmmm_////_llll_aaaa_ssss_tttt_llll_oooo_gggg     time of last login
417.      _////_vvvv_aaaa_rrrr_////_aaaa_dddd_mmmm_////_llll_oooo_gggg_iiii_nnnn_llll_oooo_gggg    record of failed login attempts
418.      _////_vvvv_aaaa_rrrr_////_aaaa_dddd_mmmm_////_uuuu_tttt_mmmm_pppp        accounting
419.      _////_vvvv_aaaa_rrrr_////_aaaa_dddd_mmmm_////_wwww_tttt_mmmm_pppp        accounting
420.      _////_eeee_tttt_cccc_////_dddd_eeee_ffff_aaaa_uuuu_llll_tttt_////_llll_oooo_gggg_iiii_nnnn   to determine default behavior
421.      _////_vvvv_aaaa_rrrr_////_mmmm_aaaa_iiii_llll_////_l_o_g_i_n__n_a_m_e mailbox for user _l_o_g_i_n__n_a_m_e
422.      _////_uuuu_ssss_rrrr_////_llll_iiii_bbbb_////_llll_oooo_cccc_aaaa_llll_eeee_////_l_o_c_a_l_e_////_LLLL_CCCC______MMMM_EEEE_SSSS_SSSS_AAAA_GGGG_EEEE_SSSS_////_uuuu_xxxx_cccc_oooo_rrrr_eeee
423.                           language-specific message file (see _LLLL_AAAA_NNNN_GGGG in
424.                           _eeee_nnnn_vvvv_iiii_rrrr_oooo_nnnn(5))
425.      _////_eeee_tttt_cccc_////_llll_iiii_mmmm_cccc_oooo_nnnn_ffff         the compiled Share II configuration file (machine
426.                           readable)
427.  
428. SSSSEEEEEEEE AAAALLLLSSSSOOOO
429.      mail(1), newgrp(1), pwconv(1M), rexecd(1M), rshd(1M), sh(1), su(1M),
430.      loginlog(4), passwd(4), profile(4), shadow(4), environ(5), share(5).
431.  
432. DDDDIIIIAAAAGGGGNNNNOOOOSSSSTTTTIIIICCCCSSSS
433.      The message
434.  
435.           _UUUU_XXXX_::::_llll_oooo_gggg_iiii_nnnn_:::: _EEEE_RRRR_RRRR_OOOO_RRRR_:::: _LLLL_oooo_gggg_iiii_nnnn _iiii_nnnn_cccc_oooo_rrrr_rrrr_eeee_cccc_tttt
436.  
437.      is printed if the user name or the password cannot be matched or if the
438.      user's login account has expired or remained inactive for a period
439.      greater than the system threshold.
440.  
441.      The message
442.  
443.           _UUUU_XXXX_::::_llll_oooo_gggg_iiii_nnnn_:::: _iiii_oooo_cccc_tttt_llll_((((_)))) _ffff_aaaa_iiii_llll_eeee_dddd_:::: _TTTT_CCCC_SSSS_EEEE_TTTT_AAAA
444.  
445.      is printed if the tty line does not support a requested baud rate
446.      (specified for remote logins).  A similar message is also sent to syslog.
447.      See _s_e_r_i_a_l(_7) for information on which baud rates are supported.
448.  
449.      The Share II-specific diagnostic messages are:
450.  
451.      _WWWW_aaaa_rrrr_nnnn_iiii_nnnn_gggg _X _oooo_ffff _Y_:::: _ssss_oooo_ffff_tttt _dddd_iiii_ssss_kkkk _llll_iiii_mmmm_iiii_tttt _eeee_xxxx_cccc_eeee_eeee_dddd_eeee_dddd_....
452.           One of your domains has a disk usage in excess of its soft limit.
453.  
454.  
455.  
456.  
457.  
458.  
459.                                                                         PPPPaaaaggggeeee 7777
460.  
461.  
462.  
463.  
464.  
465.  
466. llllooooggggiiiinnnn((((1111))))                                                              llllooooggggiiiinnnn((((1111))))
467.  
468.  
469.  
470.      _CCCC_oooo_nnnn_nnnn_eeee_cccc_tttt_iiii_oooo_nnnn _dddd_eeee_nnnn_iiii_eeee_dddd_....  _TTTT_oooo_oooo _mmmm_aaaa_nnnn_yyyy _wwww_aaaa_rrrr_nnnn_iiii_nnnn_gggg_ssss_....
471.           You have reached your warning limit.  See your system administrator.
472.  
473.      _CCCC_oooo_nnnn_nnnn_eeee_cccc_tttt_iiii_oooo_nnnn _dddd_eeee_nnnn_iiii_eeee_dddd_....  _AAAA_llll_rrrr_eeee_aaaa_dddd_yyyy _llll_oooo_gggg_gggg_eeee_dddd _iiii_nnnn _---- _oooo_nnnn_llll_yyyy _oooo_nnnn_eeee _llll_oooo_gggg_iiii_nnnn _aaaa_llll_llll_oooo_wwww_eeee_dddd_....
474.           You are already logged in at another terminal or connected to the
475.           system by remote shell and your _oooo_nnnn_eeee_llll_oooo_gggg_iiii_nnnn flag is set.
476.  
477.      _CCCC_oooo_nnnn_nnnn_eeee_cccc_tttt_iiii_oooo_nnnn _dddd_eeee_nnnn_iiii_eeee_dddd_....  _CCCC_uuuu_rrrr_rrrr_eeee_nnnn_tttt_llll_yyyy _bbbb_aaaa_rrrr_rrrr_eeee_dddd _ffff_rrrr_oooo_mmmm _llll_oooo_gggg_gggg_iiii_nnnn_gggg _iiii_nnnn_....
478.           Your _nnnn_oooo_llll_oooo_gggg_iiii_nnnn flag is set.
479.  
480.      _CCCC_oooo_nnnn_nnnn_eeee_cccc_tttt_iiii_oooo_nnnn _dddd_eeee_nnnn_iiii_eeee_dddd_....  _NNNN_oooo _pppp_eeee_rrrr_mmmm_iiii_ssss_ssss_iiii_oooo_nnnn _tttt_oooo _uuuu_ssss_eeee _tttt_hhhh_iiii_ssss _tttt_eeee_rrrr_mmmm_iiii_nnnn_aaaa_llll_....
481.           You are not allowed to log in at this terminal because of a clear
482.           _tttt_eeee_rrrr_mmmm_iiii_nnnn_aaaa_llll _pppp_eeee_rrrr_mmmm_iiii_ssss_ssss_iiii_oooo_nnnn flag.
483.  
484.      _SSSS_hhhh_aaaa_rrrr_eeee _llll_oooo_gggg_iiii_nnnn _oooo_nnnn _t_t_y_n_a_m_e _---- _tttt_eeee_rrrr_mmmm_iiii_nnnn_aaaa_llll _cccc_oooo_ssss_tttt _iiii_ssss _X _tttt_iiii_mmmm_eeee_ssss _nnnn_oooo_rrrr_mmmm_aaaa_llll_....
485.           You are charged for use of this terminal at _X times the rate of a
486.           normal terminal.
487.  
488.      _YYYY_oooo_uuuu _hhhh_aaaa_vvvv_eeee _aaaa _rrrr_eeee_mmmm_aaaa_iiii_nnnn_iiii_nnnn_gggg _tttt_eeee_rrrr_mmmm_iiii_nnnn_aaaa_llll _cccc_oooo_nnnn_nnnn_eeee_cccc_tttt _tttt_iiii_mmmm_eeee _oooo_ffff _Y.
489.           You may use this terminal until you have used up your remaining
490.           connect time, at which point you are forced to log out.
491.  
492.      _CCCC_oooo_nnnn_nnnn_eeee_cccc_tttt_iiii_oooo_nnnn _dddd_eeee_nnnn_iiii_eeee_dddd_....  _TTTT_eeee_rrrr_mmmm_iiii_nnnn_aaaa_llll _cccc_oooo_nnnn_nnnn_eeee_cccc_tttt _tttt_iiii_mmmm_eeee _llll_iiii_mmmm_iiii_tttt _eeee_xxxx_cccc_eeee_eeee_dddd_eeee_dddd_....
493.           You have already reached your terminal connect time limit.
494.  
495.      _SSSS_hhhh_aaaa_rrrr_eeee _nnnn_oooo_tttt _cccc_oooo_nnnn_ffff_iiii_gggg_uuuu_rrrr_eeee_dddd _---- _nnnn_oooo _llll_iiii_mmmm_iiii_tttt _cccc_hhhh_eeee_cccc_kkkk_ssss_....
496.           The configuration file is unreadable for some reason, so terminal
497.           privileges, connect time limits, and disk space limits could not be
498.           checked.
499.  
500.  
501.  
502.  
503.  
504.  
505.  
506.  
507.  
508.  
509.  
510.  
511.  
512.  
513.  
514.  
515.  
516.  
517.  
518.  
519.  
520.  
521.  
522.  
523.  
524.  
525.                                                                         PPPPaaaaggggeeee 8888
526.  
527.  
528.  
529.