Add sha256/512 support to libcrypt, change default
[dragonfly.git] / etc / login.conf
CommitLineData
984263bc
MD
1# login.conf - login class capabilities database.
2#
3# Remember to rebuild the database after each change to this file:
4#
5# cap_mkdb /etc/login.conf
6#
7# This file controls resource limits, accounting limits and
8# default user environment settings.
9#
10# $FreeBSD: src/etc/login.conf,v 1.34.2.6 2002/07/02 20:06:18 dillon Exp $
02096bc2 11# $DragonFly: src/etc/login.conf,v 1.5 2006/08/12 16:47:18 dillon Exp $
984263bc
MD
12#
13
14# Default settings effectively disable resource limits, see the
15# examples below for a starting point to enable them.
16
17# defaults
18# These settings are used by login(1) by default for classless users
19# Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
20
21default:\
6737f3b9 22 :passwd_format=sha256:\
984263bc
MD
23 :copyright=/etc/COPYRIGHT:\
24 :welcome=/etc/motd:\
25 :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\
df2b1864 26 :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/pkg/sbin /usr/pkg/bin ~/bin:\
984263bc
MD
27 :nologin=/var/run/nologin:\
28 :cputime=unlimited:\
29 :datasize=unlimited:\
30 :stacksize=unlimited:\
31 :memorylocked=unlimited:\
32 :memoryuse=unlimited:\
33 :filesize=unlimited:\
34 :coredumpsize=unlimited:\
35 :openfiles=unlimited:\
36 :maxproc=unlimited:\
98589eb6 37 :posixlocks=unlimited:\
984263bc
MD
38 :sbsize=unlimited:\
39 :vmemoryuse=unlimited:\
40 :priority=0:\
41 :ignoretime@:\
42 :umask=022:
43
44
45#
46# A collection of common class names - forward them all to 'default'
47# (login would normally do this anyway, but having a class name
48# here suppresses the diagnostic)
49#
50standard:\
51 :tc=default:
52xuser:\
53 :tc=default:
54staff:\
55 :tc=default:
56daemon:\
57 :tc=default:
58news:\
59 :tc=default:
60dialer:\
61 :tc=default:
62
63#
64# Root can always login
65#
66# N.B. login_getpwclass(3) will use this entry for the root account,
67# in preference to 'default'.
68root:\
69 :ignorenologin:\
70 :tc=default:
71
72#
73# Russian Users Accounts. Setup proper environment variables.
74#
75russian|Russian Users Accounts:\
76 :charset=KOI8-R:\
77 :lang=ru_RU.KOI8-R:\
78 :tc=default:
79
80
81######################################################################
82######################################################################
83##
84## Example entries
85##
86######################################################################
87######################################################################
88
89## Example defaults
90## These settings are used by login(1) by default for classless users
91## Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
92#
93#default:\
94# :cputime=infinity:\
95# :datasize-cur=22M:\
96# :stacksize-cur=8M:\
97# :memorylocked-cur=10M:\
98# :memoryuse-cur=30M:\
99# :filesize=infinity:\
100# :coredumpsize=infinity:\
101# :maxproc-cur=64:\
102# :openfiles-cur=64:\
103# :priority=0:\
104# :requirehome@:\
105# :umask=022:\
106# :tc=auth-defaults:
107#
108#
109##
110## standard - standard user defaults
111##
112#standard:\
113# :copyright=/etc/COPYRIGHT:\
114# :welcome=/etc/motd:\
115# :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\
116# :path=~/bin /bin /usr/bin /usr/local/bin:\
117# :manpath=/usr/share/man /usr/local/man:\
118# :nologin=/var/run/nologin:\
119# :cputime=1h30m:\
120# :datasize=8M:\
121# :vmemoryuse=100M:\
122# :stacksize=2M:\
123# :memorylocked=4M:\
124# :memoryuse=8M:\
125# :filesize=8M:\
126# :coredumpsize=8M:\
127# :openfiles=24:\
128# :maxproc=32:\
129# :priority=0:\
130# :requirehome:\
131# :passwordtime=90d:\
132# :umask=002:\
133# :ignoretime@:\
134# :tc=default:
135#
136#
137##
138## users of X (needs more resources!)
139##
140#xuser:\
df2b1864 141# :manpath=/usr/share/man /usr/pkg/man /usr/local/man:\
984263bc
MD
142# :cputime=4h:\
143# :datasize=12M:\
144# :vmemoryuse=infinity:\
145# :stacksize=4M:\
146# :filesize=8M:\
147# :memoryuse=16M:\
148# :openfiles=32:\
149# :maxproc=48:\
150# :tc=standard:
151#
152#
153##
154## Staff users - few restrictions and allow login anytime
155##
156#staff:\
157# :ignorenologin:\
158# :ignoretime:\
159# :requirehome@:\
160# :accounted@:\
161# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
162# :umask=022:\
163# :tc=standard:
164#
165#
166##
167## root - fallback for root logins
168##
169#root:\
170# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
171# :cputime=infinity:\
172# :datasize=infinity:\
173# :stacksize=infinity:\
174# :memorylocked=infinity:\
175# :memoryuse=infinity:\
176# :filesize=infinity:\
177# :coredumpsize=infinity:\
178# :openfiles=infinity:\
179# :maxproc=infinity:\
180# :memoryuse-cur=32M:\
181# :maxproc-cur=64:\
182# :openfiles-cur=1024:\
183# :priority=0:\
184# :requirehome@:\
185# :umask=022:\
186# :tc=auth-root-defaults:
187#
188#
189##
190## Settings used by /etc/rc
191##
192#daemon:\
193# :coredumpsize@:\
194# :coredumpsize-cur=0:\
195# :datasize=infinity:\
196# :datasize-cur@:\
197# :maxproc=512:\
198# :maxproc-cur@:\
199# :memoryuse-cur=64M:\
200# :memorylocked-cur=64M:\
201# :openfiles=1024:\
202# :openfiles-cur@:\
203# :stacksize=16M:\
204# :stacksize-cur@:\
205# :tc=default:
206#
207#
208##
209## Settings used by news subsystem
210##
211#news:\
212# :path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
213# :cputime=infinity:\
214# :filesize=128M:\
215# :datasize-cur=64M:\
216# :stacksize-cur=32M:\
217# :coredumpsize-cur=0:\
218# :maxmemorysize-cur=128M:\
219# :memorylocked=32M:\
220# :maxproc=128:\
221# :openfiles=256:\
222# :tc=default:
223#
224#
225##
226## The dialer class should be used for a dialup PPP/SLIP accounts
227## Welcome messages/news suppressed
228##
229#dialer:\
230# :hushlogin:\
231# :requirehome@:\
232# :cputime=unlimited:\
233# :filesize=2M:\
234# :datasize=2M:\
235# :stacksize=4M:\
236# :coredumpsize=0:\
237# :memoryuse=4M:\
238# :memorylocked=1M:\
239# :maxproc=16:\
240# :openfiles=32:\
241# :tc=standard:
242#
243#
244##
245## Site full-time 24/7 PPP/SLIP connections
246## - no time accounting, restricted to access via dialin lines
247##
248#site:\
249# :ignoretime:\
250# :passwordtime@:\
251# :refreshtime@:\
252# :refreshperiod@:\
253# :sessionlimit@:\
254# :autodelete@:\
255# :expireperiod@:\
256# :graceexpire@:\
257# :gracetime@:\
258# :warnexpire@:\
259# :warnpassword@:\
260# :idletime@:\
261# :sessiontime@:\
262# :daytime@:\
263# :weektime@:\
264# :monthtime@:\
265# :warntime@:\
266# :accounted@:\
267# :tc=dialer:\
268# :tc=staff:
269#
270#
271##
272## Example standard accounting entries for subscriber levels
273##
274#
275#subscriber|Subscribers:\
276# :accounted:\
277# :refreshtime=180d:\
278# :refreshperiod@:\
279# :sessionlimit@:\
280# :autodelete=30d:\
281# :expireperiod=180d:\
282# :graceexpire=7d:\
283# :gracetime=10m:\
284# :warnexpire=7d:\
285# :warnpassword=7d:\
286# :idletime=30m:\
287# :sessiontime=4h:\
288# :daytime=6h:\
289# :weektime=40h:\
290# :monthtime=120h:\
291# :warntime=4h:\
292# :tc=standard:
293#
294#
295##
296## Subscriber accounts. These accounts have their login times
297## accounted and have access limits applied.
298##
299#subppp|PPP Subscriber Accounts:\
300# :tc=dialer:\
301# :tc=subscriber:
302#
303#
304#subslip|SLIP Subscriber Accounts:\
305# :tc=dialer:\
306# :tc=subscriber:
307#
308#
309#subshell|Shell Subscriber Accounts:\
310# :tc=subscriber:
311#
312##
313## If you want some of the accounts to use traditional UNIX DES based
314## password hashes.
315##
316#des_users:\
317# :passwd_format=des:\
318# :tc=default: