11cf8f98cSWolfram Schneider.\" Copyright (c) 1993 21cf8f98cSWolfram Schneider.\" The Regents of the University of California. All rights reserved. 31cf8f98cSWolfram Schneider.\" 41cf8f98cSWolfram Schneider.\" Redistribution and use in source and binary forms, with or without 51cf8f98cSWolfram Schneider.\" modification, are permitted provided that the following conditions 61cf8f98cSWolfram Schneider.\" are met: 71cf8f98cSWolfram Schneider.\" 1. Redistributions of source code must retain the above copyright 81cf8f98cSWolfram Schneider.\" notice, this list of conditions and the following disclaimer. 91cf8f98cSWolfram Schneider.\" 2. Redistributions in binary form must reproduce the above copyright 101cf8f98cSWolfram Schneider.\" notice, this list of conditions and the following disclaimer in the 111cf8f98cSWolfram Schneider.\" documentation and/or other materials provided with the distribution. 12*fbbd9655SWarner Losh.\" 3. Neither the name of the University nor the names of its contributors 131cf8f98cSWolfram Schneider.\" may be used to endorse or promote products derived from this software 141cf8f98cSWolfram Schneider.\" without specific prior written permission. 151cf8f98cSWolfram Schneider.\" 161cf8f98cSWolfram Schneider.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 171cf8f98cSWolfram Schneider.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 181cf8f98cSWolfram Schneider.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 191cf8f98cSWolfram Schneider.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 201cf8f98cSWolfram Schneider.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 211cf8f98cSWolfram Schneider.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 221cf8f98cSWolfram Schneider.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 231cf8f98cSWolfram Schneider.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 241cf8f98cSWolfram Schneider.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 251cf8f98cSWolfram Schneider.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 261cf8f98cSWolfram Schneider.\" SUCH DAMAGE. 271cf8f98cSWolfram Schneider.\" 2899bb95aeSYaroslav Tykhiy.Dd May 10, 2007 291cf8f98cSWolfram Schneider.Dt NOLOGIN 5 309fe48c6eSRuslan Ermilov.Os 311cf8f98cSWolfram Schneider.Sh NAME 321cf8f98cSWolfram Schneider.Nm nologin 331cf8f98cSWolfram Schneider.Nd disallow logins 341cf8f98cSWolfram Schneider.Sh DESCRIPTION 357ba45ea9SNik ClaytonPrograms such as 367ba45ea9SNik Clayton.Xr login 1 3799bb95aeSYaroslav Tykhiydisallow logins if the 3899bb95aeSYaroslav Tykhiy.Nm 3999bb95aeSYaroslav Tykhiyfile exists. 4099bb95aeSYaroslav TykhiyThe programs display the contents of 4199bb95aeSYaroslav Tykhiy.Nm 4299bb95aeSYaroslav Tykhiyto the user if possible and interrupt the login sequence. 437ba45ea9SNik ClaytonThis makes it simple to temporarily prevent incoming logins systemwide. 447ba45ea9SNik Clayton.Pp 457ba45ea9SNik ClaytonTo disable logins on a per-account basis, 467ba45ea9SNik Claytoninvestigate 477ba45ea9SNik Clayton.Xr nologin 8 . 481cf8f98cSWolfram Schneider.Sh SECURITY 4999bb95aeSYaroslav TykhiyThe 5099bb95aeSYaroslav Tykhiy.Nm 5199bb95aeSYaroslav Tykhiyfile is ignored for user root by default. 5299bb95aeSYaroslav Tykhiy.Sh IMPLEMENTATION NOTES 5399bb95aeSYaroslav TykhiyThe 5499bb95aeSYaroslav Tykhiy.Nm 5599bb95aeSYaroslav Tykhiyfeature is implemented through 5699bb95aeSYaroslav Tykhiy.Xr login.conf 5 , 5799bb95aeSYaroslav Tykhiywhich allows to change the pathname of the 5899bb95aeSYaroslav Tykhiyfile and to extend the list of users 5999bb95aeSYaroslav Tykhiyexempt from temporary login restriction. 6099bb95aeSYaroslav Tykhiy.Pp 6199bb95aeSYaroslav TykhiyPAM-aware programs can be selectively configured to respect 6299bb95aeSYaroslav Tykhiy.Nm 6399bb95aeSYaroslav Tykhiyusing the 6499bb95aeSYaroslav Tykhiy.Xr pam_nologin 8 6599bb95aeSYaroslav Tykhiymodule via 6699bb95aeSYaroslav Tykhiy.Xr pam.conf 5 . 6799bb95aeSYaroslav Tykhiy.Pp 6899bb95aeSYaroslav TykhiyThe 6999bb95aeSYaroslav Tykhiy.Nm 7099bb95aeSYaroslav Tykhiyfile will be removed at system boot if it resides in 7199bb95aeSYaroslav Tykhiy.Pa /var/run 7299bb95aeSYaroslav Tykhiyand 7399bb95aeSYaroslav Tykhiy.Va cleanvar_enable 7499bb95aeSYaroslav Tykhiyis set to 7599bb95aeSYaroslav Tykhiy.Dq Li YES 7699bb95aeSYaroslav Tykhiyin 7799bb95aeSYaroslav Tykhiy.Xr rc.conf 5 , 7899bb95aeSYaroslav Tykhiywhich is default. 7999bb95aeSYaroslav TykhiyTherefore system reboot can effectively re-enable logins. 801cf8f98cSWolfram Schneider.Sh FILES 819cdb6ee1SRuslan Ermilov.Bl -tag -width ".Pa /var/run/nologin" -compact 820e510aedSSatoshi Asami.It Pa /var/run/nologin 8399bb95aeSYaroslav Tykhiydefault location of 8499bb95aeSYaroslav Tykhiy.Nm 851cf8f98cSWolfram Schneider.El 861cf8f98cSWolfram Schneider.Sh SEE ALSO 871cf8f98cSWolfram Schneider.Xr login 1 , 8899bb95aeSYaroslav Tykhiy.Xr login.conf 5 , 8999bb95aeSYaroslav Tykhiy.Xr pam.conf 5 , 9099bb95aeSYaroslav Tykhiy.Xr rc.conf 5 , 911c669fdbSWolfram Schneider.Xr nologin 8 , 9299bb95aeSYaroslav Tykhiy.Xr pam_nologin 8 , 931cf8f98cSWolfram Schneider.Xr shutdown 8 94