# # Copyright 2008 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # # CDDL HEADER START # # The contents of this file are subject to the terms of the # Common Development and Distribution License (the "License"). # You may not use this file except in compliance with the License. # # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE # or http://www.opensolaris.org/os/licensing. # See the License for the specific language governing permissions # and limitations under the License. # # When distributing Covered Code, include this CDDL HEADER in each # file and include the License file at usr/src/OPENSOLARIS.LICENSE. # If applicable, add the following below this CDDL HEADER, with the # fields enclosed by brackets "[]" replaced with your own identifying # information: Portions Copyright [yyyy] [name of copyright owner] # # CDDL HEADER END # # Set the TZ environment variable of the shell. # #TIMEZONE=EST5EDT # ULIMIT sets the file size limit for the login. Units are disk blocks. # The default of zero means no limit. # #ULIMIT=0 # If CONSOLE is set, root can only login on that device. # If the specified device is /dev/console, then root can also log into # any of the currently enabled /dev/vt/# virtual terminal devices. # Comment this line out to allow remote login by root. # CONSOLE=/dev/console # PASSREQ determines if login requires a password. # PASSREQ=YES # ALTSHELL determines if the SHELL environment variable should be set # ALTSHELL=YES # PATH sets the initial shell PATH variable # sample with GNU tools in front of the path # PATH=/usr/gnu/bin:/usr/bin:/usr/sbin:/sbin # sample with XPG4 tools in front of the path # PATH=/usr/xpg4/bin:/usr/bin:/usr/sbin:/sbin PATH=/usr/bin:/usr/sbin:/sbin:/usr/gnu/bin # SUPATH sets the initial shell PATH variable for root # SUPATH=/usr/sbin:/sbin:/usr/bin # TIMEOUT sets the number of seconds (between 0 and 900) to wait before # abandoning a login session. # #TIMEOUT=300 # UMASK sets the initial shell file creation mode mask. See umask(1). # #UMASK=022 # SYSLOG determines whether the syslog(3) LOG_AUTH facility should be used # to log all root logins at level LOG_NOTICE and multiple failed login # attempts at LOG_CRIT. # SYSLOG=YES # SLEEPTIME controls the number of seconds that the command should # wait before printing the "login incorrect" message when a # bad password is provided. The range is limited from # 0 to 5 seconds. # #SLEEPTIME=4 # DISABLETIME If present, and greater than zero, the number of seconds # login will wait after RETRIES failed attempts or the PAM framework returns # PAM_ABORT. Default is 20. Minimum is 0. No maximum is imposed. # #DISABLETIME=20 # RETRIES determines the number of failed logins that will be # allowed before login exits. Default is 5 and maximum is 15. # If account locking is configured (user_attr(5)/policy.conf(5)) # for a local user's account (passwd(5)/shadow(5)), that account # will be locked if failed logins equals or exceeds RETRIES. # #RETRIES=5 # # The SYSLOG_FAILED_LOGINS variable is used to determine how many failed # login attempts will be allowed by the system before a failed login # message is logged, using the syslog(3) LOG_NOTICE facility. For example, # if the variable is set to 0, login will log -all- failed login attempts. # #SYSLOG_FAILED_LOGINS=5