50 lines
2.0 KiB
Groff
50 lines
2.0 KiB
Groff
|
.\" Title: login.access
|
||
|
.\" Author:
|
||
|
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
|
||
|
.\" Date: 20.07.2006
|
||
|
.\" Manual: Filformat och konversioner
|
||
|
.\" Source: Filformat och konversioner
|
||
|
.\"
|
||
|
.TH "LOGIN.ACCESS" "5" "20\-07\-2006" "Filformat och konversioner" "Filformat och konversioner"
|
||
|
.\" disable hyphenation
|
||
|
.nh
|
||
|
.\" disable justification (adjust text to left margin only)
|
||
|
.ad l
|
||
|
.SH "NAMN"
|
||
|
login.access \- login access control table
|
||
|
.SH "BESKRIVNING"
|
||
|
.PP
|
||
|
The
|
||
|
\fIlogin.access\fR
|
||
|
file specifies (user, host) combinations and/or (user, tty) combinations for which a login will be either accepted or refused.
|
||
|
.PP
|
||
|
When someone logs in, the
|
||
|
\fIlogin.access\fR
|
||
|
is scanned for the first entry that matches the (user, host) combination, or, in case of non\-networked logins, the first entry that matches the (user, tty) combination. The permissions field of that table entry determines whether the login will be accepted or refused.
|
||
|
.PP
|
||
|
Each line of the login access control table has three fields separated by a ":" character:
|
||
|
.PP
|
||
|
|
||
|
\fIpermission\fR:\fIusers\fR:\fIorigins\fR
|
||
|
.PP
|
||
|
The first field should be a "\fI+\fR" (access granted) or "\fI\-\fR" (access denied) character. The second field should be a list of one or more login names, group names, or
|
||
|
\fIALL\fR
|
||
|
(always matches). The third field should be a list of one or more tty names (for non\-networked logins), host names, domain names (begin with "."), host addresses, internet network numbers (end with "."),
|
||
|
\fIALL\fR
|
||
|
(always matches) or
|
||
|
\fILOCAL\fR
|
||
|
(matches any string that does not contain a "." character). If you run NIS you can use @netgroupname in host or user patterns.
|
||
|
.PP
|
||
|
The
|
||
|
\fIEXCEPT\fR
|
||
|
operator makes it possible to write very compact rules.
|
||
|
.PP
|
||
|
The group file is searched only when a name does not match that of the logged\-in user. Only groups are matched in which users are explicitly listed: the program does not look at a user's primary group id value.
|
||
|
.SH "FILER"
|
||
|
.TP 3n
|
||
|
\fI/etc/login.defs\fR
|
||
|
Shadow password suite configuration.
|
||
|
.SH "SE OCKSÅ"
|
||
|
.PP
|
||
|
\fBlogin\fR(1).
|