xref: /titanic_41/usr/src/cmd/login/login.dfl (revision 505d05c73a6e56769f263d4803b22eddd168ee24) 
1#ident	"%Z%%M%	%I%	%E% SMI"
2#
3# Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
4# Use is subject to license terms.
5#
6# CDDL HEADER START
7#
8# The contents of this file are subject to the terms of the
9# Common Development and Distribution License, Version 1.0 only
10# (the "License").  You may not use this file except in compliance
11# with the License.
12#
13# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
14# or http://www.opensolaris.org/os/licensing.
15# See the License for the specific language governing permissions
16# and limitations under the License.
17#
18# When distributing Covered Code, include this CDDL HEADER in each
19# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
20# If applicable, add the following below this CDDL HEADER, with the
21# fields enclosed by brackets "[]" replaced with your own identifying
22# information: Portions Copyright [yyyy] [name of copyright owner]
23#
24# CDDL HEADER END
25#
26
27# Set the TZ environment variable of the shell.
28#
29#TIMEZONE=EST5EDT
30
31# ULIMIT sets the file size limit for the login.  Units are disk blocks.
32# The default of zero means no limit.
33#
34#ULIMIT=0
35
36# If CONSOLE is set, root can only login on that device.
37# Comment this line out to allow remote login by root.
38#
39CONSOLE=/dev/console
40
41# PASSREQ determines if login requires a password.
42#
43PASSREQ=YES
44
45# ALTSHELL determines if the SHELL environment variable should be set
46#
47ALTSHELL=YES
48
49# PATH sets the initial shell PATH variable
50#
51#PATH=/usr/bin:
52
53# SUPATH sets the initial shell PATH variable for root
54#
55#SUPATH=/usr/sbin:/usr/bin
56
57# TIMEOUT sets the number of seconds (between 0 and 900) to wait before
58# abandoning a login session.
59#
60#TIMEOUT=300
61
62# UMASK sets the initial shell file creation mode mask.  See umask(1).
63#
64#UMASK=022
65
66# SYSLOG determines whether the syslog(3) LOG_AUTH facility should be used
67# to log all root logins at level LOG_NOTICE and multiple failed login
68# attempts at LOG_CRIT.
69#
70SYSLOG=YES
71
72# SLEEPTIME controls the number of seconds that the command should
73# wait before printing the "login incorrect" message when a
74# bad password is provided.  The range is limited from
75# 0 to 5 seconds.
76#
77#SLEEPTIME=4
78
79# DISABLETIME  If present, and greater than zero, the number of seconds
80# login will wait after RETRIES failed attempts or the PAM framework returns
81# PAM_ABORT. Default is 20. Minimum is 0. No maximum is imposed.
82#
83#DISABLETIME=20
84
85# RETRIES determines the number of failed logins that will be
86# allowed before login exits. Default is 5 and maximum is 15.
87# If account locking is configured (user_attr(4)/policy.conf(4))
88# for a local user's account (passwd(4)/shadow(4)), that account
89# will be locked if failed logins equals or exceeds RETRIES.
90#
91#RETRIES=5
92#
93# The SYSLOG_FAILED_LOGINS variable is used to determine how many failed
94# login attempts will be allowed by the system before a failed login
95# message is logged, using the syslog(3) LOG_NOTICE facility.  For example,
96# if the variable is set to 0, login will log -all- failed login attempts.
97#
98#SYSLOG_FAILED_LOGINS=5
99