NAME¶
login.access —
login access control
table
DESCRIPTION¶
The
login.access file specifies on which ttys or from which
hosts certain users are allowed to login.
At login, the
/etc/login.access file is checked for the first
entry that matches a specific user/host or user/tty combination. That entry
can either allow or deny login access to that user.
Each entry have three fields separated by colon:
- The first field indicates the permission given if the
entry matches. It can be either “+” (allow access) or
“-” (deny access) .
- The second field is a comma separated list of users or
groups for which the current entry applies. NIS netgroups can used (if
configured) if preceeded by @. The magic string ALL matches all users. A
group will match if the user is a member of that group, or it is the
user's primary group.
- The third field is a list of ttys, or network names. A
network name can be either a hostname, a domain (indicated by a starting
period), or a netgroup. As with the user list, ALL matches anything. LOCAL
matches a string not containing a period.
If the string EXCEPT is found in either the user or from list, the rest of the
list are exceptions to the list before EXCEPT.
BUGS¶
If there's a user and a group with the same name, there is no way to make the
group match if the user also matches.
SEE ALSO¶
login(1)
AUTHORS¶
The
login_access() function was written by Wietse Venema. This
manual page was written for Heimdal.