115 lines
2.6 KiB
Plaintext
115 lines
2.6 KiB
Plaintext
# $OpenBSD: login.conf,v 1.19 2021/04/25 16:36:56 mortimer Exp $
|
|
|
|
#
|
|
# Sample login.conf file. See login.conf(5) for details.
|
|
#
|
|
|
|
#
|
|
# Standard authentication styles:
|
|
#
|
|
# passwd Use only the local password file
|
|
# chpass Do not authenticate, but change user's password (change
|
|
# the YP password if the user has one, else change the
|
|
# local password)
|
|
# lchpass Do not login; change user's local password instead
|
|
# radius Use radius authentication
|
|
# reject Use rejected authentication
|
|
# skey Use S/Key authentication
|
|
# activ ActivCard X9.9 token authentication
|
|
# crypto CRYPTOCard X9.9 token authentication
|
|
# snk Digital Pathways SecureNet Key authentication
|
|
# tis TIS Firewall Toolkit authentication
|
|
# token Generic X9.9 token authentication
|
|
# yubikey YubiKey authentication
|
|
#
|
|
|
|
# Default allowed authentication styles
|
|
auth-defaults:auth=passwd,skey:
|
|
|
|
# Default allowed authentication styles for authentication type ftp
|
|
auth-ftp-defaults:auth-ftp=passwd:
|
|
|
|
#
|
|
# The default values
|
|
# To alter the default authentication types change the line:
|
|
# :tc=auth-defaults:\
|
|
# to read something like: (enables passwd, "myauth", and activ)
|
|
# :auth=passwd,myauth,activ:\
|
|
# Any value changed in the daemon class should be reset in default
|
|
# class.
|
|
#
|
|
default:\
|
|
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
|
|
:umask=022:\
|
|
:datasize-max=1024M:\
|
|
:datasize-cur=1024M:\
|
|
:maxproc-max=256:\
|
|
:maxproc-cur=128:\
|
|
:openfiles-max=1024:\
|
|
:openfiles-cur=512:\
|
|
:stacksize-cur=4M:\
|
|
:localcipher=blowfish,a:\
|
|
:tc=auth-defaults:\
|
|
:tc=auth-ftp-defaults:
|
|
|
|
#
|
|
# Settings used by /etc/rc and root
|
|
# This must be set properly for daemons started as root by inetd as well.
|
|
# Be sure to reset these values to system defaults in the default class!
|
|
#
|
|
daemon:\
|
|
:ignorenologin:\
|
|
:datasize=infinity:\
|
|
:maxproc=infinity:\
|
|
:openfiles-max=1024:\
|
|
:openfiles-cur=128:\
|
|
:stacksize-cur=8M:\
|
|
:tc=default:
|
|
|
|
#
|
|
# Staff have fewer restrictions and can login even when nologins are set.
|
|
#
|
|
staff:\
|
|
:datasize-cur=7936M:\
|
|
:datasize-max=infinity:\
|
|
:maxproc-max=512:\
|
|
:maxproc-cur=256:\
|
|
:ignorenologin:\
|
|
:requirehome@:\
|
|
:tc=default:
|
|
|
|
#
|
|
# Authpf accounts get a special motd and shell
|
|
#
|
|
authpf:\
|
|
:welcome=/etc/motd.authpf:\
|
|
:shell=/usr/sbin/authpf:\
|
|
:tc=default:
|
|
|
|
#
|
|
# Building ports with DPB uses raised limits
|
|
#
|
|
pbuild:\
|
|
:datasize-max=infinity:\
|
|
:datasize-cur=8192M:\
|
|
:maxproc-max=1024:\
|
|
:maxproc-cur=384:\
|
|
:stacksize-cur=8M:\
|
|
:priority=5:\
|
|
:tc=default:
|
|
|
|
#
|
|
# Override resource limits for certain daemons started by rc.d(8)
|
|
#
|
|
bgpd:\
|
|
:openfiles=512:\
|
|
:tc=daemon:
|
|
|
|
unbound:\
|
|
:openfiles=512:\
|
|
:tc=daemon:
|
|
|
|
xenodm:\
|
|
:openfiles=512:\
|
|
:tc=daemon:
|