summaryrefslogtreecommitdiffstats
path: root/man/man5/login.access.5
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--man/man5/login.access.567
1 files changed, 67 insertions, 0 deletions
diff --git a/man/man5/login.access.5 b/man/man5/login.access.5
new file mode 100644
index 0000000..81e79ba
--- /dev/null
+++ b/man/man5/login.access.5
@@ -0,0 +1,67 @@
+'\" t
+.\" Title: login.access
+.\" Author: Marek MichaƂkiewicz
+.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
+.\" Date: 01/23/2020
+.\" Manual: File Formats and Conversions
+.\" Source: shadow-utils 4.8.1
+.\" Language: English
+.\"
+.TH "LOGIN\&.ACCESS" "5" "01/23/2020" "shadow\-utils 4\&.8\&.1" "File Formats and Conversions"
+.\" -----------------------------------------------------------------
+.\" * Define some portability stuff
+.\" -----------------------------------------------------------------
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" http://bugs.debian.org/507673
+.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.ie \n(.g .ds Aq \(aq
+.el .ds Aq '
+.\" -----------------------------------------------------------------
+.\" * set default formatting
+.\" -----------------------------------------------------------------
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.\" -----------------------------------------------------------------
+.\" * MAIN CONTENT STARTS HERE *
+.\" -----------------------------------------------------------------
+.SH "NAME"
+login.access \- login access control table
+.SH "DESCRIPTION"
+.PP
+The
+\fIlogin\&.access\fR
+file specifies (user, host) combinations and/or (user, tty) combinations for which a login will be either accepted or refused\&.
+.PP
+When someone logs in, the
+\fIlogin\&.access\fR
+is scanned for the first entry that matches the (user, host) combination, or, in case of non\-networked logins, the first entry that matches the (user, tty) combination\&. The permissions field of that table entry determines whether the login will be accepted or refused\&.
+.PP
+Each line of the login access control table has three fields separated by a ":" character:
+.PP
+\fIpermission\fR:\fIusers\fR:\fIorigins\fR
+.PP
+The first field should be a "\fI+\fR" (access granted) or "\fI\-\fR" (access denied) character\&. The second field should be a list of one or more login names, group names, or
+\fIALL\fR
+(always matches)\&. The third field should be a list of one or more tty names (for non\-networked logins), host names, domain names (begin with "\&."), host addresses, internet network numbers (end with "\&."),
+\fIALL\fR
+(always matches) or
+\fILOCAL\fR
+(matches any string that does not contain a "\&." character)\&. If you run NIS you can use @netgroupname in host or user patterns\&.
+.PP
+The
+\fIEXCEPT\fR
+operator makes it possible to write very compact rules\&.
+.PP
+The group file is searched only when a name does not match that of the logged\-in user\&. Only groups are matched in which users are explicitly listed: the program does not look at a user\*(Aqs primary group id value\&.
+.SH "FILES"
+.PP
+/etc/login\&.defs
+.RS 4
+Shadow password suite configuration\&.
+.RE
+.SH "SEE ALSO"
+.PP
+\fBlogin\fR(1)\&.