1# 2# Copyright 2008 Sun Microsystems, Inc. All rights reserved. 3# Use is subject to license terms. 4# 5# CDDL HEADER START 6# 7# The contents of this file are subject to the terms of the 8# Common Development and Distribution License (the "License"). 9# You may not use this file except in compliance with the License. 10# 11# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 12# or http://www.opensolaris.org/os/licensing. 13# See the License for the specific language governing permissions 14# and limitations under the License. 15# 16# When distributing Covered Code, include this CDDL HEADER in each 17# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 18# If applicable, add the following below this CDDL HEADER, with the 19# fields enclosed by brackets "[]" replaced with your own identifying 20# information: Portions Copyright [yyyy] [name of copyright owner] 21# 22# CDDL HEADER END 23# 24 25# Set the TZ environment variable of the shell. 26# 27#TIMEZONE=EST5EDT 28 29# ULIMIT sets the file size limit for the login. Units are disk blocks. 30# The default of zero means no limit. 31# 32#ULIMIT=0 33 34# If CONSOLE is set, root can only login on that device. 35# If the specified device is /dev/console, then root can also log into 36# any of the currently enabled /dev/vt/# virtual terminal devices. 37# Comment this line out to allow remote login by root. 38# 39CONSOLE=/dev/console 40 41# PASSREQ determines if login requires a password. 42# 43PASSREQ=YES 44 45# ALTSHELL determines if the SHELL environment variable should be set 46# 47ALTSHELL=YES 48 49# PATH sets the initial shell PATH variable 50# sample with GNU tools in front of the path 51# PATH=/usr/gnu/bin:/usr/bin:/usr/sbin:/sbin 52# sample with XPG4 tools in front of the path 53# PATH=/usr/xpg4/bin:/usr/bin:/usr/sbin:/sbin 54PATH=/usr/bin:/usr/sbin:/sbin:/usr/gnu/bin 55 56# SUPATH sets the initial shell PATH variable for root 57# 58SUPATH=/usr/sbin:/sbin:/usr/bin 59 60# TIMEOUT sets the number of seconds (between 0 and 900) to wait before 61# abandoning a login session. 62# 63#TIMEOUT=300 64 65# UMASK sets the initial shell file creation mode mask. See umask(1). 66# 67#UMASK=022 68 69# SYSLOG determines whether the syslog(3) LOG_AUTH facility should be used 70# to log all root logins at level LOG_NOTICE and multiple failed login 71# attempts at LOG_CRIT. 72# 73SYSLOG=YES 74 75# SLEEPTIME controls the number of seconds that the command should 76# wait before printing the "login incorrect" message when a 77# bad password is provided. The range is limited from 78# 0 to 5 seconds. 79# 80#SLEEPTIME=4 81 82# DISABLETIME If present, and greater than zero, the number of seconds 83# login will wait after RETRIES failed attempts or the PAM framework returns 84# PAM_ABORT. Default is 20. Minimum is 0. No maximum is imposed. 85# 86#DISABLETIME=20 87 88# RETRIES determines the number of failed logins that will be 89# allowed before login exits. Default is 5 and maximum is 15. 90# If account locking is configured (user_attr(5)/policy.conf(5)) 91# for a local user's account (passwd(5)/shadow(5)), that account 92# will be locked if failed logins equals or exceeds RETRIES. 93# 94#RETRIES=5 95# 96# The SYSLOG_FAILED_LOGINS variable is used to determine how many failed 97# login attempts will be allowed by the system before a failed login 98# message is logged, using the syslog(3) LOG_NOTICE facility. For example, 99# if the variable is set to 0, login will log -all- failed login attempts. 100# 101#SYSLOG_FAILED_LOGINS=5 102