LOGIN(M) UNIX System V
Name
login - gives access to the system
Syntax
login [name [env-var ...]]
Description
The login command is used at the beginning of each terminal
session to identify the user and allow them access to the
system. It cannot be invoked except when a connection is
first established, or after the previous user has logged out
by sending an end-of-file ( Ctrl-D ) to their initial shell.
login asks for your user name (if not supplied as an
argument), and, if appropriate, your password. Echoing is
turned off (where possible) during the typing of your
password, so it will not appear on the written record of the
session.
If you make a mistake in the login procedure you will
receive the message
Login incorrect
and a new login prompt will appear. The number of login
attempts you are allowed, is configurable. If you make too
many unsuccessful login attempts, you can be locked out.
If the login sequence is not completed successfully within a
certain period of time (e.g., one minute), the user is
returned to the ``login:'' prompt or silently disconnected
from a dial-in line.
After a successful login, accounting files (/etc/utmp and
/etc/wtmp) are updated, the user is notified if they have
mail, and the start-up shell files (i.e., .profile for the
Bourne shell or .login for the C-shell) if any, are
executed.
login checks /etc/default/login for ULIMIT (maximum file
size in 512 byte blocks, default is 2,097,152), and for
environment variables, such as TZ (time zone), HZ (hertz),
and ALTSHELL (allows other than sh shell types). Another
entry that can be placed in /etc/default/login is OVERRIDE,
which allows root to log in on the console even if the
protected password database entry for root is corrupted.
login checks /etc/default/login to see if there is an entry
similar to the following:
OVERRIDE=tty01
This identifies the tty to be used when doing an override
login for root. The CONSOLE=/dev/??? entry means that root
can only log in on the /dev listed.
login initializes the user and group IDs and the working
directory, then executes a command interpreter (usually
sh(C)) according to specifications found in the /etc/passwd
file. Argument 0 of the command interpreter is a dash (-)
followed by the last component
of the interpreter's pathname. The basic environment (see
environ(M)) is initialized to:
HOME= your-login-directory
PATH=:/bin:/usr/bin
SHELL=last field of passwd entry
MAIL=/usr/spool/mail/your-login-name
TZ=timezone-specification
Initially, umask is set to octal 022 by login.
If a user's UID is 0 (i.e. if this is the superuser), the
PATH variable is set to SUPATH, if SUPATH is specified in
/etc/default/login. If it is not, PATH is set to the
following:
PATH=:/bin:/usr/bin:/etc
It is not advisable for SUPATH to include the current
directory symbol (.).
To enable time-of-login recording (and reporting of the time
of last login at each login), create the log file
/usr/adm/lastlog. This file should be owned by /bin and
group bin; the permissions can be restricted to 600 if
desired. If this file exists and the user is not currently
logged in, the finger(C) utility will report the time of
last login.
Files
/etc/utmp Information on current logins
/etc/wtmp History of logins since last
multiuser
/usr/spool/mail/name Mailbox for user name
/etc/motd Message of the day
/etc/default/login Default values for environment
variables
/etc/passwd Password file
/etc/profile System profile
$HOME/.profile Personal profile
See Also
environ(M), getty(ADM), machine(HW), mail(C), newgrp(C),
passwd(C), passwd(F), profile(M), su(C), sh(C), ulimit(S),
umask(C), who(C)
Diagnostics
Not on system console
login is set up to allow root to log on on the
console only, and you are not on the system
console.
Login incorrect
The login or dialup password is incorrect.
Unable to change directory to dir
login cannot chdir to the home directory as
specified by /etc/passwd.
No utmp entry. You must exec 'login' from the lowest
level 'sh'.
init did not put an entry in utmp.
No Root Directory
The shell field starts with a '*', and the attempt
to do a chroot to the home directory failed.
You don't have a password.
A password is required and it hasn't been set
previously.
Protected Password information suddenly vanished
During the course of working with the protected
password database information the pointer pointing
to the static version of the information has
suddenly disappeared.
Cannot execute passwd program
The password program cannot be executed for some
reason.
Login aborted due to no password.
The password program has returned an error while
setting a password, as when the <DEL> key is
pressed.
Can't rewrite protected password entry for user %s,
Authentication error; see Account Administrator
The login program cannot update the protected
password database entry.
Protected Password database problem
After updating Protected Password data, login
reads the information again and the entry cannot
be read.
Account is disabled but console login is allowed.
Account is disabled -- see Account Administrator.
If the account is locked, but root is logging in
on the console (OVERRIDE tty), the first message
is displayed; an ordinary user will see the
second.
Account has been retired -- logins are no longer allowed.
The account is retired (no override for this
condition).
Cannot set terminal mode.
The chmod of the tty failed.
Bad login user id.
No uid has been set. This can be due to a missing
critical database file, such as
/etc/auth/system/authorize. Run authck(ADM) and
check any error messages.
Wait for login retry, reason);
When the login must be retried, the message that
gets printed is printed by a routine called
login_delay that takes as an argument the reason
for the retry.
user appears in /etc/passwd but not in Protected
Password database
If the user is in /etc/passwd but not in the
Protected Password database, there is no message
printed, but login generates the following audit
record.
Cannot obtain database information on this terminal
login cannot get information from the
/etc/auth/system/ttys file for the tty line.
Error in terminal setup.
Something is wrong with the terminal setup (for
example, stdin in, stdout, and stderr are the same
thing).
Cannot obtain settings for this terminal
The ioctl(S) on the tty device failed.
No login program on root
When attempting to do a sublogin (chrooting to a
subtree for a restricted login), no login program
was found.
Can't rewrite terminal control entry for tty,
Authentication error; see Account Administrator
The information for the login tty cannot be
updated.
Terminal Control information suddenly vanished
During the course of working with the terminal
database information the pointer pointing to the
static version of the information suddenly
disappeared.
Can't rewrite terminal control entry for %s,
Authentication error; see Account Administrator
login cannot update the tty database entry.
Bad priority setting.
nice failed to set the nice value specified in the
Protected Password entry for the user.
Bad group id.
The call to setgid failed.
Bad user id.
The call to setuid failed.
Unable to set kernel authorizations.
The call to set the kernel authorizations failed.
Login timed out
login received an ALARM signal. Note: login sets
this itself, but it could conceivably come from
somewhere else.
Terminal is disabled but root login is allowed.
Terminal is disabled -- see Account Administrator.
If the terminal is disabled, but you are root
loggin in on the console (OVERRIDE tty) the first
message is displayed; the second is displayed for
ordinary users.
The security databases are corrupt.
However, %s login at terminal %s is allowed,
This is the message displayed when the override
tty is used during a security problem.
Impossible to execute /bin/sh!
login cannot execute the shell program for doing
an override.
Notes
Only the superuser may execute login from a shell.
As explained in machine(HW), when setting ULIMIT in the
/etc/default/login file on filesystems with 1024 byte blocks
(see machine(M)), be sure to specify even numbers, as the
ULIMIT variable accepts a number of 512-byte blocks. The
default is 2,097,152 blocks, or 1 gigabyte. Use this
variable to increase or decrease the maximum allowable file
size.
(printed 9/14/89) LOGIN(M)