diff options
author | guido <guido@FreeBSD.org> | 1994-08-21 19:26:22 +0000 |
---|---|---|
committer | guido <guido@FreeBSD.org> | 1994-08-21 19:26:22 +0000 |
commit | cec2fb9e659008b040493c48cd67ddbabfe892d9 (patch) | |
tree | 2a64077f9871e464ae6f709a8bf4e1b2cc63c8d9 /usr.bin/login/login.access.5 | |
parent | 06cda8b161f5aecccf1bfe68bf046a1129a9eb2b (diff) | |
download | FreeBSD-src-cec2fb9e659008b040493c48cd67ddbabfe892d9.zip FreeBSD-src-cec2fb9e659008b040493c48cd67ddbabfe892d9.tar.gz |
Add skey supprot
Reviewed by:
Submitted by: guido
Diffstat (limited to 'usr.bin/login/login.access.5')
-rw-r--r-- | usr.bin/login/login.access.5 | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/usr.bin/login/login.access.5 b/usr.bin/login/login.access.5 new file mode 100644 index 0000000..28d423c --- /dev/null +++ b/usr.bin/login/login.access.5 @@ -0,0 +1,50 @@ +.\" this is comment +.Dd April 30, 1994 +.Dt SKEY.ACCESS 5 +.Os FreeBSD 1.2 +.Sh NAME +.Nm login.access +.Nd Login access control table +.Sh DESCRIPTION +The +.Nm login.access +file specifies (user, host) combinations and/or (user, tty) +combinations for which a login will be either accepted or refused. +.Pp +When someone logs in, the +.Nm login.access +is scanned for the first entry that +matches the (user, host) combination, or, in case of non-networked +logins, the first entry that matches the (user, tty) combination. The +permissions field of that table entry determines whether the login will +be accepted or refused. +.Pp +Each line of the login access control table has three fields separated by a +":" character: permission : users : origins + +The first field should be a "+" (access granted) or "-" (access denied) +character. The second field should be a list of one or more login names, +group names, or ALL (always matches). The third field should be a list +of one or more tty names (for non-networked logins), host names, domain +names (begin with "."), host addresses, internet network numbers (end +with "."), ALL (always matches) or LOCAL (matches any string that does +not contain a "." character). If you run NIS you can use @netgroupname +in host or user patterns. + +The EXCEPT operator makes it possible to write very compact rules. + +The group file is searched only when a name does not match that of the +logged-in user. Only groups are matched in which users are explicitly +listed: the program does not look at a user's primary group id value. +.Sh FILES +.Bl -tag -width /etc/login.access -compact +.It Pa /etc/login.access +The +.Nm login.access +file resides in +.Pa /etc . +.El +.Sh SEE ALSO +.Xr login 1 +.Sh AUTHOR +Guido van Rooij |