xref: /illumos-gate/usr/src/cmd/login/login.dfl (revision cd277642e0bdc71a7f57c550df1279b0c091d6e2) 
1#
2# Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
3# Use is subject to license terms.
4#
5# CDDL HEADER START
6#
7# The contents of this file are subject to the terms of the
8# Common Development and Distribution License (the "License").
9# You may not use this file except in compliance with the License.
10#
11# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
12# or http://www.opensolaris.org/os/licensing.
13# See the License for the specific language governing permissions
14# and limitations under the License.
15#
16# When distributing Covered Code, include this CDDL HEADER in each
17# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
18# If applicable, add the following below this CDDL HEADER, with the
19# fields enclosed by brackets "[]" replaced with your own identifying
20# information: Portions Copyright [yyyy] [name of copyright owner]
21#
22# CDDL HEADER END
23#
24
25# Set the TZ environment variable of the shell.
26#
27#TIMEZONE=EST5EDT
28
29# ULIMIT sets the file size limit for the login.  Units are disk blocks.
30# The default of zero means no limit.
31#
32#ULIMIT=0
33
34# If CONSOLE is set, root can only login on that device.
35# If the specified device is /dev/console, then root can also log into
36# any of the currently enabled /dev/vt/# virtual terminal devices.
37# Comment this line out to allow remote login by root.
38#
39CONSOLE=/dev/console
40
41# PASSREQ determines if login requires a password.
42#
43PASSREQ=YES
44
45# ALTSHELL determines if the SHELL environment variable should be set
46#
47ALTSHELL=YES
48
49# PATH sets the initial shell PATH variable
50# sample with GNU tools in front of the path
51# PATH=/usr/gnu/bin:/usr/bin:/usr/sbin:/sbin
52# sample with XPG4 tools in front of the path
53# PATH=/usr/xpg4/bin:/usr/bin:/usr/sbin:/sbin
54PATH=/usr/bin:/usr/sbin:/sbin:/usr/gnu/bin
55
56# SUPATH sets the initial shell PATH variable for root
57#
58SUPATH=/usr/sbin:/sbin:/usr/bin
59
60# TIMEOUT sets the number of seconds (between 0 and 900) to wait before
61# abandoning a login session.
62#
63#TIMEOUT=300
64
65# UMASK sets the initial shell file creation mode mask.  See umask(1).
66#
67#UMASK=022
68
69# SYSLOG determines whether the syslog(3) LOG_AUTH facility should be used
70# to log all root logins at level LOG_NOTICE and multiple failed login
71# attempts at LOG_CRIT.
72#
73SYSLOG=YES
74
75# SLEEPTIME controls the number of seconds that the command should
76# wait before printing the "login incorrect" message when a
77# bad password is provided.  The range is limited from
78# 0 to 5 seconds.
79#
80#SLEEPTIME=4
81
82# DISABLETIME  If present, and greater than zero, the number of seconds
83# login will wait after RETRIES failed attempts or the PAM framework returns
84# PAM_ABORT. Default is 20. Minimum is 0. No maximum is imposed.
85#
86#DISABLETIME=20
87
88# RETRIES determines the number of failed logins that will be
89# allowed before login exits. Default is 5 and maximum is 15.
90# If account locking is configured (user_attr(4)/policy.conf(4))
91# for a local user's account (passwd(4)/shadow(4)), that account
92# will be locked if failed logins equals or exceeds RETRIES.
93#
94#RETRIES=5
95#
96# The SYSLOG_FAILED_LOGINS variable is used to determine how many failed
97# login attempts will be allowed by the system before a failed login
98# message is logged, using the syslog(3) LOG_NOTICE facility.  For example,
99# if the variable is set to 0, login will log -all- failed login attempts.
100#
101#SYSLOG_FAILED_LOGINS=5
102