Content-type: text/html
login - Signs the user on to the system
login [-p] [-h host] [[-f] user]
The login command is used when a user initially signs on to the system qnd also by daemons, such as ftp, to create a user's environment.
This security-sensitive command uses the SIA (Security Integration
Architecture) routine as an interface to the security mechanism(s) that perform
the actual user validation. See the
matrix.conf(4)
reference page
for more information.
With the exception of
-p, these options are available
only to the superuser.
Used by
telnetd
and other servers to list
the host from which the connection was received.
Used with a user name
user
on the
command line to indicate that proper authentication was already done and that
no password needs to be requested.
Causes the remainder of the environment to be preserved; otherwise,
any previous environment is discarded.
The invocation of login for initial sign-on is made by a system program or server using the privileged -h and -f forms of the login command.
If login is invoked without an argument, it asks for a user name, and, if appropriate, a password. Echoing is turned off (if possible) during the entering of the password, so it will not appear on the written record of the session.
After a successful login, accounting files are updated. You are informed of the existence of mail, and the message of the day and the time of last login are displayed. The mail message, the message of the day, and the last login time are suppressed if there is a .hushlogin file in the home directory; this is mostly used to make life easier for users such as uucp.
If you have enhanced security installed on your system, the login command prints the last successful and unsuccessful login times and terminal devices. If the account does not have a password and the authentication profile for the account requires one, login starts the passwd command to establish one for the account.
The login command prohibits you from logging in if any of the following are true: The password for the account has expired and you cannot successfully change the password. The password lifetime for the account has passed. The administrative lock on the account was set. The maximum number of unsuccessful login attempts for the account was exceeded. The maximum number of unsuccessful login attempts for the terminal was exceeded. The administrative lock on the terminal was set. The terminal has an authorized user list and you are not on it. The terminal has time of day restrictions and the current time is not within them. The account was retired by the system administrator.
The login command initializes the user and group IDs and the working directory, then executes a command interpreter according to specifications found in the password file. Argument 0 (zero) of the command interpreter is the name of the command interpreter with a leading - (dash).
The login command also modifies the environment with information specifying home directory, command interpreter, terminal type (if available), and user name.
If you have enhanced security installed on your system, the login command always allows root to log in at the console to avoid the situation where all accounts and terminals are locked.
If the file /etc/nologin exists, login prints its contents on your terminal and exits. This is used by shutdown to stop users from logging in when the system is about to go down. If the system is in a cluster, /etc/nologin_{hostname} is also checked
Login is recognized by
sh,
csh,
and
ksh
and executed directly (without forking).
The user name or the password is invalid. Consult your system administrator.
Contains user and accounting information.
Contains login history.
Contains last login time stamps.
Mail directory.
Message of the day.
Contains user information.
Stops logins. In a cluster there is also
/etc/nologin_{hostname}.
Suppresses mail notification, message of the day, and last
login time.
Commands: init(8), getty(8), mail(1), binmail(1), mailx(1), Mail(1), passwd(1), chfn(1), chsh(1), rlogin(1), shutdown(8)
Functions: getpass(3)
Files: matrix.conf(4), passwd(4), utmp(4)
Security