void-packages/srcpkgs/shadow/files/login.defs

87 lines
2.3 KiB
Plaintext

# Configuration file for login(1). For more information see
# login.defs(5).
# Directory where mailboxes reside, _or_ name of file, relative to the
# home directory. If you do define both, MAIL_DIR takes precedence.
#
MAIL_DIR /var/spool/mail
#MAIL_FILE .mail
# Password aging controls:
#
# PASS_MAX_DAYS Maximum number of days a password may be used.
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
# PASS_MIN_LEN Minimum acceptable password length.
# PASS_WARN_AGE Number of days warning given before a password expires.
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_WARN_AGE 7
# Min/max values for automatic uid selection in useradd
UID_MIN 1000
UID_MAX 60000
# System accounts
SYS_UID_MIN 100
SYS_UID_MAX 999
# Min/max values for automatic gid selection in groupadd
GID_MIN 1000
GID_MAX 60000
# System accounts
SYS_GID_MIN 100
SYS_GID_MAX 999
# If useradd should create home directories for users by default
CREATE_HOME yes
# This enables userdel to remove user groups if no members exist.
USERGROUPS_ENAB yes
# Disable MOTD_FILE (empty); use pam_motd(8) instead.
MOTD_FILE
# If defined, either full pathname of a file containing device names or
# a ":" delimited list of device names. Root logins will be allowed only
# upon these devices.
#
CONSOLE /etc/securetty
# Terminal permissions
#
# TTYGROUP Login tty will be assigned this group ownership.
# TTYPERM Login tty will be set to this permission.
#
# If you have a "write" program which is "setgid" to a special group
# which owns the terminals, define TTYGROUP to the group number and
# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
# TTYPERM to either 622 or 600.
#
TTYGROUP tty
TTYPERM 0600
# Login configuration initializations:
#
# ERASECHAR Terminal ERASE character ('\010' = backspace).
# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
# UMASK Default "umask" value.
#
# The ERASECHAR and KILLCHAR are used only on System V machines.
# The ULIMIT is used only if the system supports it.
# (now it works with setrlimit too; ulimit is in 512-byte units)
#
# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
#
ERASECHAR 0177
KILLCHAR 025
UMASK 022
# Max number of login retries if password is bad
#
LOGIN_RETRIES 5
#
# Max time in seconds for login
#
LOGIN_TIMEOUT 60