Fincer
/
openntpd-openbsd
mirror of https://github.com/Fincer/openntpd-openbsd
1
0
Fork 0
Code Issues 0 Projects 0 Releases 61 Wiki Activity
Browse Source

end experimental login.conf template support. one file per machine. 

ok deraadt millert
OPENBSD_5_6
tedu 10 years ago
parent
0556b9e168
commit
f57f1925af
21 changed files with 1742 additions and 57 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +2
    -5
      src/etc/Makefile
  2. +12
    -12
      src/etc/etc.alpha/login.conf
  3. +96
    -0
      src/etc/etc.amd64/login.conf
  4. +96
    -0
      src/etc/etc.armish/login.conf
  5. +96
    -0
      src/etc/etc.armv7/login.conf
  6. +96
    -0
      src/etc/etc.aviion/login.conf
  7. +96
    -0
      src/etc/etc.hppa/login.conf
  8. +96
    -0
      src/etc/etc.hppa64/login.conf
  9. +96
    -0
      src/etc/etc.i386/login.conf
  10. +96
    -0
      src/etc/etc.landisk/login.conf
  11. +96
    -0
      src/etc/etc.loongson/login.conf
  12. +96
    -0
      src/etc/etc.luna88k/login.conf
  13. +96
    -0
      src/etc/etc.macppc/login.conf
  14. +96
    -0
      src/etc/etc.octeon/login.conf
  15. +96
    -0
      src/etc/etc.sgi/login.conf
  16. +96
    -0
      src/etc/etc.socppc/login.conf
  17. +96
    -0
      src/etc/etc.sparc/login.conf
  18. +96
    -0
      src/etc/etc.sparc64/login.conf
  19. +96
    -0
      src/etc/etc.vax/login.conf
  20. +96
    -0
      src/etc/etc.zaurus/login.conf
  21. +0
    -40
      src/etc/mklogin.conf

+ 2
- 5
src/etc/Makefile View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.350 2014/03/24 20:40:03 sthen Exp $
# $OpenBSD: Makefile,v 1.351 2014/03/26 20:17:00 tedu Exp $
TZDIR= /usr/share/zoneinfo TZDIR= /usr/share/zoneinfo
LOCALTIME= Canada/Mountain LOCALTIME= Canada/Mountain
@ -36,6 +36,7 @@ BIN1= changelist csh.cshrc csh.login csh.logout daily dhcpd.conf \
netstart networks newsyslog.conf printcap protocols \ netstart networks newsyslog.conf printcap protocols \
rbootd.conf rc rc.conf rc.local rc.securelevel rc.shutdown \ rbootd.conf rc rc.conf rc.local rc.securelevel rc.shutdown \
remote rpc services shells syslog.conf weekly \ remote rpc services shells syslog.conf weekly \
etc.${MACHINE}/login.conf \
etc.${MACHINE}/disktab dhclient.conf mailer.conf ntpd.conf \ etc.${MACHINE}/disktab dhclient.conf mailer.conf ntpd.conf \
moduli pf.os sensorsd.conf ifstated.conf mixerctl.conf moduli pf.os sensorsd.conf ifstated.conf mixerctl.conf
@ -104,10 +105,6 @@ distribution-etc-root-var: distrib-dirs
chown ${BINOWN} ${DESTDIR}/etc/fbtab && \ chown ${BINOWN} ${DESTDIR}/etc/fbtab && \
chgrp ${BINGRP} ${DESTDIR}/etc/fbtab && \ chgrp ${BINGRP} ${DESTDIR}/etc/fbtab && \
chmod 644 ${DESTDIR}/etc/fbtab chmod 644 ${DESTDIR}/etc/fbtab
awk -f mklogin.conf `test -f etc.${MACHINE}/login.conf.overrides && echo etc.${MACHINE}/login.conf.overrides` < login.conf.in > \
${DESTDIR}/etc/login.conf && \
chown ${BINOWN}:${BINGRP} ${DESTDIR}/etc/login.conf && \
chmod 644 ${DESTDIR}/etc/login.conf
${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 664 ${BIN2} ${DESTDIR}/etc ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 664 ${BIN2} ${DESTDIR}/etc
${INSTALL} -c -o root -g wheel -m 600 hosts.equiv ${DESTDIR}/etc ${INSTALL} -c -o root -g wheel -m 600 hosts.equiv ${DESTDIR}/etc
${INSTALL} -c -o root -g crontab -m 600 crontab ${DESTDIR}/var/cron/tabs/root ${INSTALL} -c -o root -g crontab -m 600 crontab ${DESTDIR}/var/cron/tabs/root


src/etc/login.conf.in → src/etc/etc.alpha/login.conf View File

@ -1,4 +1,4 @@
# $OpenBSD: login.conf.in,v 1.6 2012/02/06 21:25:13 sobrado Exp $
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $
# #
# Sample login.conf file. See login.conf(5) for details. # Sample login.conf file. See login.conf(5) for details.
@ -43,13 +43,13 @@ auth-ftp-defaults:auth-ftp=passwd:
default:\ default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\ :path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\ :umask=022:\
:datasize-max=@DEF_DATASIZE_MAX@:\
:datasize-cur=@DEF_DATASIZE_CUR@:\
:maxproc-max=@DEF_MAXPROC_MAX@:\
:maxproc-cur=@DEF_MAXPROC_CUR@:\
:openfiles-cur=@DEF_OPENFILES_CUR@:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\ :stacksize-cur=4M:\
:localcipher=blowfish,@DEF_BLOWFISH_RNDS@:\
:localcipher=blowfish,8:\
:ypcipher=old:\ :ypcipher=old:\
:tc=auth-defaults:\ :tc=auth-defaults:\
:tc=auth-ftp-defaults: :tc=auth-ftp-defaults:
@ -65,17 +65,17 @@ daemon:\
:maxproc=infinity:\ :maxproc=infinity:\
:openfiles-cur=128:\ :openfiles-cur=128:\
:stacksize-cur=8M:\ :stacksize-cur=8M:\
:localcipher=blowfish,@ROOT_BLOWFISH_RNDS@:\
:localcipher=blowfish,9:\
:tc=default: :tc=default:
# #
# Staff have fewer restrictions and can login even when nologins are set. # Staff have fewer restrictions and can login even when nologins are set.
# #
staff:\ staff:\
:datasize-cur=@STAFF_DATASIZE_CUR@:\
:datasize-max=@STAFF_DATASIZE_MAX@:\
:maxproc-max=@STAFF_MAXPROC_MAX@:\
:maxproc-cur=@STAFF_MAXPROC_CUR@:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\ :ignorenologin:\
:requirehome@:\ :requirehome@:\
:tc=default: :tc=default:

+ 96
- 0
src/etc/etc.amd64/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.armish/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.armv7/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.aviion/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.hppa/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.hppa64/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.i386/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.landisk/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.loongson/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.luna88k/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.macppc/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.octeon/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.sgi/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.socppc/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.sparc/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.sparc64/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.vax/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 96
- 0
src/etc/etc.zaurus/login.conf View File

@ -0,0 +1,96 @@
# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:

+ 0
- 40
src/etc/mklogin.conf View File

@ -1,40 +0,0 @@
#!/usr/bin/awk -f
#
# Generates a login.conf file from login.conf.in and an optional
# file containing overrides.
#
# Usage: mklogin.conf [overrides_file] < login.conf.in > login.conf.out
#
# $OpenBSD: mklogin.conf,v 1.8 2014/03/19 04:04:25 tedu Exp $
BEGIN {
# Default substitutions
values["DEF_DATASIZE_MAX"]="512M"
values["DEF_DATASIZE_CUR"]="512M"
values["DEF_MAXPROC_MAX"]="256"
values["DEF_MAXPROC_CUR"]="128"
values["DEF_OPENFILES_CUR"]="512"
values["STAFF_DATASIZE_MAX"]="infinity"
values["STAFF_DATASIZE_CUR"]="512M"
values["STAFF_MAXPROC_MAX"]="512"
values["STAFF_MAXPROC_CUR"]="128"
values["STAFF_OPENFILES_CUR"]="512"
values["DEF_BLOWFISH_RNDS"]="8"
values["ROOT_BLOWFISH_RNDS"]="9"
# Optional overrides
if (ARGC > 1) {
while (getline override < ARGV[1]) {
split(override, ov)
values[ov[1] ""]=ov[2] ""
}
ARGC--
}
}
# Read in login.conf template, do substitutions and output the result
{
for (key in values)
gsub("@" key "@", values[key], $0)
print $0
}

Write Preview
Loading…
Cancel
Save