Subject: misc/35057: login.conf should have a default
To: None <misc-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: None <seebs@knives.seebs.net>
List: netbsd-bugs
Date: 11/15/2006 10:20:01
>Number: 35057
>Category: misc
>Synopsis: There should be a default login.conf file showing how to use it
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: misc-bug-people
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Wed Nov 15 10:20:01 +0000 2006
>Originator: seebs@knives.seebs.net
>Release: NetBSD 4.99.3
>Organization:
>Environment:
System: NetBSD knives.seebs.net 4.99.3 NetBSD 4.99.3 (KNIVES) #0: Thu Nov 9 06:45:16 CST 2006 root@knives.seebs.net:/usr/src/sys/arch/i386/compile/KNIVES i386
Architecture: i386
Machine: i386
>Description:
There is no default /etc/login.conf, so people don't even know it's
there, to know that they should look at the docs for it.
>How-To-Repeat:
Look in /etc. Try to remember whether NetBSD even supports
login.conf.
>Fix:
Here's a very rough first draft. It's better than nothing. Since
everything's commented, it has no immediate effects, but gives users some
examples.
# login.conf sets defaults for users based on login classes; see passwd(5)
# and login.conf(5) for details.
# examples:
# let members of "staff" class login even when ignorenologin file exists,
# and give extra priority; also require longer passwords
#
# staff|System Staff:\
# :ignorenologin:priority=-5:minpasswordlen=8:
#
# sample default: requires home directory to log in at all
#
# default:\
# :requirehome:
#
# give daemons the traditional root path, and restrictive umask
#
# daemon:\
# :umask=077:path=/bin /usr/bin /sbin /usr/sbin:
#
# limit the damage a particular user can do:
# luser:\
# :maxproc=4:datasize=64m:stacksize-cur=1m:stacksize-max=2m:priority=5:\
# :openfiles=16:
#