Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ login(1) — DG/UX R4.11

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

mail(1)

newgrp(1)

sh(1)

su(1)

passwd(4)

profile(4)

environ(5)

usermond(1M)



login(1)                         DG/UX R4.11                        login(1)


NAME
       login - sign on

SYNOPSIS
       login [ -s servicename ] [ -n locationname ] [ -a locationdescription
       ] [ -d device ] [ name [ -l macalias ] [ environ ... ]]

DESCRIPTION
       The login command is used at the beginning of each terminal session
       and allows you to identify yourself to the system.  It will be
       invoked by the system when a connection is first established.

       On a generic DG/UX system, if login is invoked as a command, it must
       replace the initial command interpreter.  This is accomplished by
       typing
            exec login
       from the initial shell.

       login asks for your user name (if it is not supplied as an argument),
       and if appropriate, your password.  Echoing is turned off (where
       possible) during the typing of your password, so it will not appear
       on the written record of the session.

       If there are no lower-case characters in the first line of input
       processed, login assumes the connecting TTY is an upper-case-only
       terminal and sets the port's termio(7) options to reflect this.

       login accepts a device option, device.  device is taken to be the
       pathname of the TTY port login is to operate on.  The use of the
       device option can be expected to improve login performance, since
       login will not need to call ttyname(3C).

       On a system with DG/UX information security, if the -l option is
       provided, login attempts to create the session with a process
       clearance (MAC label) of macalias, if permitted by the authorizations
       for the login service in the A&A database.

       The ability to create a login session from a particular device is
       limited by the MAC range of sessions allowed by that device.  It is
       possible for a user's login service authorization to allow a user to
       login at a certain macalias, but for the device MAC range to deny it.
       In this case, the attempt to create the login session will fail.

       If you make any mistake in the login procedure, the message
            Login incorrect
       is printed and a new login prompt will appear.

       If you're on a system with DG/UX information security and your
       password has expired and you have failed to change it, the message
            Service denied
       is printed, and a new login prompt appears.

       If you do not complete the login successfully within a certain period
       of time (normally, one minute), you are likely to be silently
       disconnected.

       Once you have correctly identified yourself, login will check license
       information provided by usermond(1M).  Usermond(1M) maintains license
       information including the license and user count to
       /var/license/.licensedata.  If you are not currently logged into
       this system, you may be denied access if the user count exceeds the
       license.  If this happens, the message
            Login denied due to access restrictions
       is printed and a new login prompt will appear.

       After a successful login, accounting files are updated, the
       /etc/profile script is executed, /etc/motd is printed, and the user-
       ID, group-ID, supplementary group list, working directory, and
       command interpreter (usually sh) are initialized. On a system with
       DG/UX information security, applicable security parameters are also
       initialized.  These parameters are found in the Authentication and
       Authorization (A&A) database entries for the user.


       If the initialized command interpreter is sh, login instructs sh to
       perform the procedure /etc/profile.  In addition, if the file
       .profile exists in the working directory, sh executes it as well.  On
       a generic DG/UX system, these specifications are found in the
       /etc/passwd file entry for the user.  The process name of the command
       interpreter is - followed by the last component of the interpreter's
       pathname (e.g., -sh).  If this field in the password file is empty,
       then the default command interpreter, /usr/bin/sh, is used.  If this
       field is *, then a chroot(2) is done to the directory named in the
       directory field of the entry making it the root directory.  At that
       point login is re-executed at the new level which must have its own
       root structure, including /etc/login and /etc/passwd.

       The basic environment is initialized to:

              HOME=your-login-directory
              LOGNAME=your-login-name
              PATH=/usr/bin
              SHELL=command-interpreter-pathname
              MAIL=/var/mail/your-login-name
              TZ=timezone-specification

       The environment may be expanded or modified by supplying additional
       arguments to login, either at execution time or when login requests
       your login name.  The arguments may take either the form xxx or
       xxx=yyy.  Arguments without an equal sign are placed in the
       environment as
            Ln=xxx
       where n is a number starting at 0 and is incremented each time a new
       variable name is required.  Variables containing an = are placed in
       the environment without modification.  If they already appear in the
       environment, then they replace the older value.  There are two
       exceptions.  The variables PATH and SHELL cannot be changed.  This
       prevents people who log into restricted shell environments from
       spawning secondary shells that are not restricted.  login understands
       simple single-character quoting conventions.  Typing a backslash in
       front of a character quotes it and allows the inclusion of such
       characters as spaces and tabs.

       The system administrator can modify the behavior of login by setting
       variables in the /etc/default/login file.  The following variables
       affect both traditional DG/UX systems and trusted systems:

       ALTSHELL     If set to "YES" the SHELL environment variable
                    containing the pathname of the user's shell will be
                    declared as part of the basic initial environment.

       HZ           Default value for the HZ (hertz) environment variable.
                    If not set, the value of HZ defaults to 100.

       PATH         Default value of PATH environment variable for all non-
                    superuser logins on the system.  If not set, the default
                    is "/usr/bin".

       TIMEOUT      Maximum amount of time in seconds to wait on a
                    successful login attempt before disconnecting.  The
                    maximum value allowed is 900 (15 minutes).  If not set,
                    timeout period defaults to 60 seconds.  Setting TIMEOUT
                    0 disables the timeout feature.

       TIMEZONE     Default value for the TZ (time zone) environment
                    variable.  If not set, the value of TZ defaults to
                    "EST5EDT".

       ULIMIT       Maximum size allowed for user files (in blocks).  If
                    ULIMIT is not set, no file size limit is enforced.

       UMASK        Default umask for system users.  If UMASK is not set the
                    default umask on a traditional DG/UX system will be 022,
                    and on a trusted system umask will be 077.

       UPPEROLD     Normally, if there are no lower-case characters in the
                    first line of input processed, login assumes the
                    connecting TTY is an upper-case-only terminal and sets
                    the port's termio(7) options to reflect this.  Setting
                    UPPEROLD to NO disables this functionality.

       USERNAMEPROMPT
                    If set, this string overrides the built-in username
                    prompt (login: ).  The prompt that is configured for a
                    port service under ttymon control may or may not
                    override both the built-in prompt and USERNAMEPROMPT,
                    depending on other port service settings.

       The following variables affect only traditional DG/UX systems:

       CONSOLE      If set, superuser login is allowed only on the terminal
                    specified.  E.g., "CONSOLE=/dev/console" restricts
                    superuser login to the console.  If not set, no
                    restrictions are placed on superuser login.

       PASSREQ      If set to "YES" a password is required for all non-
                    superusers on the system.  If a new user account is
                    added with no password, login will prompt for a password
                    the first time the user attempts to log in.

       SUPATH       Default value of PATH environment variable for all
                    superuser logins on the system.  If not set, the default
                    is "/sbin:/usr/sbin:/usr/bin:/etc".

       On a trusted DG/UX system, agents such as ttymon or rlogind that exec
       login must supply the options -s servicename, -n locationname, and -a
       locationdescription.  The -s servicename option identifies the
       service for which login is being invoked, and for which the user's
       authorization will be checked.  On a system with DG/UX information
       security, if you omit -s servicename, login denies service, and logs
       the denial using syslog(3C).

       The -n locationname option identifies the location from which the
       user is logging in.  On a system with DG/UX information security, if
       -n locationname is not supplied, login will default the location name
       to that of the tty or pseudo-tty attached to stdin.  This default is
       appropriate for access to direct-connect terminals via ttymon, for
       example, but inappropriate for access from a network -- knowing the
       pseudo-tty name tells little or nothing about the actual location of
       the user.  The -a locationdescription option gives an ASCII name used
       to identify the type of locationname in a syslog message whenever a
       login attempt fails.  On a secure DG/UX system, if -a
       locationdescription is not supplied, login failures will not be
       recorded in syslog.  These options have no effect on a standard DG/UX
       system.

FILES
       /etc/utmp            accounting
       /etc/wtmp            accounting
       /var/license/.licensedata license information
       /var/mail/your-name  mailbox for user your-name
       /etc/default/login   login system-wide default settings
       /etc/motd            message-of-the-day
       /etc/passwd          password file
       /etc/profile         system profile
       .profile             user's login profile
       A&A database         Authentication and Authorization database
       (pertains to a system with DG/UX information security only)

DIAGNOSTICS
       Login incorrect
       This is the general message that appears if the user cannot login,
       e.g. when the name and the password cannot be matched.

       Service denied
       (Pertains to a system with DG/UX information security only) This
       message appears if your password has expired, and you have failed to
       change it.

       Login denied due license restrictions
       This message will appear when your user count exceeds your license.
       If this message appears, consult your system administrator.

       No shell, cannot open password file, or no directory
       If these messages appear consult your system administrator.

       No utmp entry.  You must exec login from the lowest level sh.
       On a tradtional DG/UX system, this message appears if you attempted
       to execute login as a command without using the shell's exec internal
       command or from a shell other than the initial shell.  If you are on
       a system with DG/UX information security and this message appears,
       see your system administrator.

       Cannot open /dev/tty.
       This message appears if login is unable to open /dev/tty to read the
       password.

       System problem, please see your administrator
       (Pertains to systems with DG/UX information security only) This
       message appears if login is unable to set a MAC label on your tty
       port.

SEE ALSO
       mail(1), newgrp(1), sh(1), su(1), passwd(4), profile(4), environ(5),
       usermond(1M).


Licensed material--property of copyright holder(s)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026