[message edited because the original was bounced for obscenity]

In message <199811241444.JAA06269@grosse.fugue.com>, Ted Lemon writes:
>Can you please say what login classes do, and how you would use them?
>(I'm not *trying* to be an donkey crevasse here, BTW - you just keep handing
>me straight lines.)

No problem.

Login classes are a way of identifying users by what "type" of user they
are.  For instance, on BSD/OS, the default class is:

default:\
        :path=/bin /usr/bin /usr/contrib/bin /usr/X11/bin:\
        :datasize-cur=16M:\
        :maxproc-max=128:\
        :maxproc-cur=64:\
        :radius-challenge-styles=activ,crypto,skey,snk,token:\
        :tc=auth-bsdi-defaults:\
        :tc=auth-ftp-bsdi-defaults:

and the 'daemon' class (which root is in) is
daemon:\
        :path=/sbin /usr/sbin /bin /usr/bin /usr/contrib/bin /usr/X11/bin:\
        :widepasswords:\
        :datasize-cur=32M:\
        :maxproc=infinity:\
        :openfiles-cur=128:\
        :umask=022:\
        :tc=default:

('widepasswords' enables the 128-character password format.)  limit-cur is
the limit you get when you log in, limit-max is the highest you can unlimit
it to without having to be superuser.

As an example of a login class used for a specific application, consider:

news:\
        :path=/bin /usr/bin /usr/contrib/bin /usr/contrib/lib/news/bin:\
        :datasize=infinity:\
        :maxproc=256:\
        :openfiles-cur=256:\
        :datasize-cur=64M:\
        :stacksize-cur=16M:\
        :tc=default:

This is used to spawn INN with the typically larger space requirements it has.

Basically, login classes are an excellent administrative tool.  It is a mere
side effect that one of the features of them is the ability to set things
like 'ftp-auth=[style]'.  ;)

-s