3 .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
4 .\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
6 .\" Manual: User Commands
7 .\" Source: User Commands
10 .TH "LOGIN" "1" "16/02/2011" "User Commands" "User Commands"
11 .\" -----------------------------------------------------------------
12 .\" * Define some portability stuff
13 .\" -----------------------------------------------------------------
14 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
15 .\" http://bugs.debian.org/507673
16 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
17 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
20 .\" -----------------------------------------------------------------
21 .\" * set default formatting
22 .\" -----------------------------------------------------------------
23 .\" disable hyphenation
25 .\" disable justification (adjust text to left margin only)
27 .\" -----------------------------------------------------------------
28 .\" * MAIN CONTENT STARTS HERE *
29 .\" -----------------------------------------------------------------
31 login \- begin session on the system
33 .HP \w'\fBlogin\fR\ 'u
34 \fBlogin\fR [\-p] [\-h\ \fIhost\fR] [\fIusername\fR] [\fIENV=VAR\fR...]
35 .HP \w'\fBlogin\fR\ 'u
36 \fBlogin\fR [\-p] [\-h\ \fIhost\fR] \-f \fIusername\fR
37 .HP \w'\fBlogin\fR\ 'u
38 \fBlogin\fR [\-p] \-r\ \fIhost\fR
43 program is used to establish a new session with the system\&. It is normally invoked automatically by responding to the
45 prompt on the user\*(Aqs terminal\&.
47 may be special to the shell and may not be invoked as a sub\-process\&. When called from a shell,
51 which will cause the user to exit from the current shell (and thus will prevent the new logged in user to return to the session of the caller)\&. Attempting to execute
53 from any shell but the login shell will produce an error message\&.
55 All\*(Aqutente viene quindi chiesta la password, se necessario\&. Durante questa operazione l\*(Aqeco sul terminale \(`e disabilitato per non rivelare la password\&. Solo un basso numero di tentativi falliti \(`e permesso prima che
57 termini e che la connessione sia rallentata\&.
59 Se la scadenza delle password \(`e abilitata per il proprio account, prima di proseguire ci pu\(`o essere la richiesta di una nuova password\&. Il programma chieder\(`a prima la vecchia password e poi la nuova per poter continuare\&. Per maggiori informazioni si faccia riferimento a
62 Dopo aver completato correttamente l\*(Aqaccesso, vengono mostrati eventuali messaggi di sistema e si viene informati della presenza di nuova posta\&. Si pu\(`o evitare di visualizzare i messaggi in
64 creando un file vuoto chiamato
66 nella propria directory di login\&. Il messaggio relativo alla presenza di posta \(`e "\fIC\*(Aq\(`e nuova posta\&.\fR", "\fIC\*(Aq\(`e la solita posta\&.\fR" o "\fINessun messaggio di posta\&.\fR" a seconda dello stato della propria casella di posta\&.
68 Your user and group ID will be set according to their values in the
76 are set according to the appropriate fields in the password entry\&. Ulimit, umask and nice values may also be set according to entries in the GECOS field\&.
78 In alcune installazioni la variabile d\*(Aqambiente
80 pu\(`o essere impostata in base al tipo di terminale della propria connessione, come specificato in
83 An initialization script for your command interpreter may also be executed\&. Please see the appropriate manual section for more information on this function\&.
85 A subsystem login is indicated by the presence of a "*" as the first character of the login shell\&. The given home directory will be used as the root of a new file system which the user is actually logged into\&.
89 program is NOT responsible for removing users from the utmp file\&. It is the responsibility of
93 to clean up apparent ownership of a terminal session\&. If you use
95 from the shell prompt without
96 \fBexec\fR, the user you use will continue to appear to be logged in even after you log out of the "subsession"\&.
101 Non effettua l\*(Aqautenticazione, l\*(Aqutente \(`e gi\(`a autenticato
110 Nome dell\*(Aqhost remoto per questo login\&.
115 Non modifica l\*(Aqambiente\&.
120 Perform autologin protocol for rlogin\&.
128 possono essere utilizzate solo quando
130 viene invocato da root\&.
135 has many compilation options, only some of which may be in use at any particular site\&.
137 The location of files is subject to differences in system configuration\&.
141 program is NOT responsible for removing users from the utmp file\&. It is the responsibility of
145 to clean up apparent ownership of a terminal session\&. If you use
147 from the shell prompt without
148 \fBexec\fR, the user you use will continue to appear to be logged in even after you log out of the "subsession"\&.
151 \fBlogin\fR\*(Aqs appearance can be faked\&. If non\-trusted users have physical access to a machine, an attacker could use this to obtain the password of the next person coming to sit in front of the machine\&. Under Linux, the SAK mechanism can be used by users to initiate a trusted path and prevent this kind of attack\&.
154 The following configuration variables in
156 change the behavior of this tool:
158 \fBCONSOLE\fR (string)
160 If defined, either full pathname of a file containing device names (one per line) or a ":" delimited list of device names\&. Root logins will be allowed only upon these devices\&.
162 If not defined, root will be allowed on any device\&.
164 The device should be specified without the /dev/ prefix\&.
167 \fBCONSOLE_GROUPS\fR (string)
169 List of groups to add to the user\*(Aqs supplementary groups set when logging in on the console (as determined by the CONSOLE setting)\&. Default is none\&.
171 Use with caution \- it is possible for users to gain permanent access to these groups, even when not logged in on the console\&.
174 \fBDEFAULT_HOME\fR (boolean)
176 Indicate if login is allowed if we can\*(Aqt cd to the home directory\&. Default in no\&.
179 \fIyes\fR, the user will login in the root (/) directory if it is not possible to cd to her home directory\&.
182 \fBENV_HZ\fR (string)
184 If set, it will be used to define the HZ environment variable when a user login\&. The value must be preceded by
185 \fIHZ=\fR\&. A common value on Linux is
189 \fBENV_PATH\fR (string)
191 If set, it will be used to define the PATH environment variable when a regular user login\&. The value can be preceded by
192 \fIPATH=\fR, or a colon separated list of paths (for example
193 \fI/bin:/usr/bin\fR)\&. The default value is
194 \fIPATH=/bin:/usr/bin\fR\&.
197 \fBENV_SUPATH\fR (string)
199 If set, it will be used to define the PATH environment variable when the superuser login\&. The value can be preceded by
200 \fIPATH=\fR, or a colon separated list of paths (for example
201 \fI/sbin:/bin:/usr/sbin:/usr/bin\fR)\&. The default value is
202 \fIPATH=/bin:/usr/bin\fR\&.
205 \fBENV_TZ\fR (string)
207 If set, it will be used to define the TZ environment variable when a user login\&. The value can be the name of a timezone preceded by
210 \fITZ=CST6CDT\fR), or the full path to the file containing the timezone specification (for example
213 If a full path is specified but the file does not exist or cannot be read, the default is to use
217 \fBENVIRON_FILE\fR (string)
219 If this file exists and is readable, login environment will be read from it\&. Every line should be in the form name=value\&.
221 Lines starting with a # are treated as comment lines and ignored\&.
224 \fBERASECHAR\fR (number)
226 Terminal ERASE character (\fI010\fR
231 The value can be prefixed "0" for an octal value, or "0x" for an hexadecimal value\&.
234 \fBFAIL_DELAY\fR (number)
236 Delay in seconds before being allowed another attempt after a login failure\&.
239 \fBFAILLOG_ENAB\fR (boolean)
241 Enable logging and display of
243 login failure info\&.
246 \fBFAKE_SHELL\fR (string)
250 will execute this shell instead of the users\*(Aq shell specified in
254 \fBFTMP_FILE\fR (string)
256 If defined, login failures will be logged in this file in a utmp format\&.
259 \fBHUSHLOGIN_FILE\fR (string)
261 If defined, this file can inhibit all the usual chatter during the login sequence\&. If a full pathname is specified, then hushed mode will be enabled if the user\*(Aqs name or shell are found in the file\&. If not a full pathname, then hushed mode will be enabled if the file exists in the user\*(Aqs home directory\&.
264 \fBISSUE_FILE\fR (string)
266 If defined, this file will be displayed before each login prompt\&.
269 \fBKILLCHAR\fR (number)
271 Terminal KILL character (\fI025\fR
274 The value can be prefixed "0" for an octal value, or "0x" for an hexadecimal value\&.
277 \fBLASTLOG_ENAB\fR (boolean)
279 Enable logging and display of /var/log/lastlog login time info\&.
282 \fBLOGIN_RETRIES\fR (number)
284 Maximum number of login retries in case of bad password\&.
287 \fBLOGIN_STRING\fR (string)
289 The string used for prompting a password\&. The default is to use "Password: ", or a translation of that string\&. If you set this variable, the prompt will no be translated\&.
291 If the string contains
292 \fI%s\fR, this will be replaced by the user\*(Aqs name\&.
295 \fBLOGIN_TIMEOUT\fR (number)
297 Max time in seconds for login\&.
300 \fBLOG_OK_LOGINS\fR (boolean)
302 Enable logging of successful logins\&.
305 \fBLOG_UNKFAIL_ENAB\fR (boolean)
307 Enable display of unknown usernames when login failures are recorded\&.
309 Note: logging unknown usernames may be a security issue if an user enter her password instead of her login name\&.
312 \fBMAIL_CHECK_ENAB\fR (boolean)
314 Enable checking and display of mailbox status upon login\&.
316 You should disable it if the shell startup files already check for mail ("mailx \-e" or equivalent)\&.
319 \fBMAIL_DIR\fR (string)
321 The mail spool directory\&. This is needed to manipulate the mailbox when its corresponding user account is modified or deleted\&. If not specified, a compile\-time default is used\&.
324 \fBMAIL_FILE\fR (string)
326 Defines the location of the users mail spool files relatively to their home directory\&.
333 variables are used by
337 to create, move, or delete the user\*(Aqs mail spool\&.
340 \fBMAIL_CHECK_ENAB\fR
342 \fIyes\fR, they are also used to define the
344 environment variable\&.
346 \fBMOTD_FILE\fR (string)
348 If defined, ":" delimited list of "message of the day" files to be displayed upon login\&.
351 \fBNOLOGINS_FILE\fR (string)
353 If defined, name of file whose presence will inhibit non\-root logins\&. The contents of this file should be a message indicating why logins are inhibited\&.
356 \fBPORTTIME_CHECKS_ENAB\fR (boolean)
358 Enable checking of time restrictions specified in /etc/porttime\&.
361 \fBQUOTAS_ENAB\fR (boolean)
363 Enable setting of ulimit, umask, and niceness from passwd gecos field\&.
366 \fBTTYGROUP\fR (string), \fBTTYPERM\fR (string)
368 The terminal permissions: the login tty will be owned by the
370 group, and the permissions will be set to
373 By default, the ownership of the terminal is set to the user\*(Aqs primary group and the permissions are set to
378 can be either the name of a group or a numeric group identifier\&.
382 program which is "setgid" to a special group which owns the terminals, define TTYGROUP to the group number and TTYPERM to 0620\&. Otherwise leave TTYGROUP commented out and assign TTYPERM to either 622 or 600\&.
385 \fBTTYTYPE_FILE\fR (string)
387 If defined, file which maps tty line to TERM environment parameter\&. Each line of the file is in a format something like "vt100 tty01"\&.
390 \fBULIMIT\fR (number)
399 The file mode creation mask is initialized to this value\&. If not specified, the mask will be initialized to 022\&.
405 use this mask to set the mode of the home directory they create
409 to define users\*(Aq initial umask\&. Note that this mask can be overriden by the user\*(Aqs GECOS line (if
411 is set) or by the specification of a limit with the
417 \fBUSERGROUPS_ENAB\fR (boolean)
419 Enable setting of the umask group bits to be the same as owner bits (examples: 022 \-> 002, 077 \-> 007) for non\-root users, if the uid is the same as gid, and username is the same as the primary group name\&.
424 will remove the user\*(Aqs group if it contains no more members, and
426 will create by default a group with the name of the user\&.
432 Elenco delle sessioni attive
437 Elenco delle precedenti sessioni\&.
442 informazioni sugli account utente\&.
447 Informazioni sicure sugli account di utenti\&.
452 System message of the day file\&.
457 Inibisce l\e\*(Aqaccesso al sistema per utenti diversi da root\&.
462 Elenco di tipi di terminale\&.
467 #\-#\-#\-#\-# #\-#\-#\-#\-# Non fa mostrare i messaggi di sistema\&. #\-#\-#\-#\-# #\-#\-#\-#\-# Impedisce che vengano mostrati i messaggi di sistema\&.
472 Shadow password suite configuration\&.