Subject: Re: tty_login, tty_logout (was: pcvt and TIOCCONS)
To: David Carrel <carrel@cisco.com>
From: Perry E. Metzger <perry@piermont.com>
List: current-users
Date: 04/19/1996 17:43:05
David Carrel writes:
> >From my point of view the complexity is miniscule and the payoff large. If
> the callout program returns 0, then the login continues and the program may
> or may not have performed certain actions. If it returns non zero, the
> authorization fails and the login terminates. Since the default will be to
> not have any callout program, that case is easy. Making a shell script
> that always returns 0 (ie. may change devices, but never judges the
> validity of the user's requested access) is quite easy.
I agree with David on this. I haven't heard the greatest things about
login classes but this seems like a simple and very powerful tool for
putting hooks into logins on a per tty basis for all sorts of things
and I feel we should permit the facility to be used this way.
> I strongly disagree that there are two separate functions here. And I
> think it's a bad design decision to split the pieces apart. I really liked
> the original position you took that the problem solution should be simple
> and highly general.
Again, strongly agreed.
Perry