253 lines
4.1 KiB
HTML
253 lines
4.1 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
|
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>What login does</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
|
|
REL="HOME"
|
|
TITLE="Linux System Administrators Guide"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="Logging In And Out"
|
|
HREF="log-in-and-out.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="Logins via the network"
|
|
HREF="login-via-network.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="X and xdm"
|
|
HREF="x-xdm.html"></HEAD
|
|
><BODY
|
|
CLASS="SECT1"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
SUMMARY="Header navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Linux System Administrators Guide: </TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="login-via-network.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
>Chapter 10. Logging In And Out</TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="x-xdm.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="SECT1"
|
|
><H1
|
|
CLASS="SECT1"
|
|
><A
|
|
NAME="WHAT-LOGIN-DOES"
|
|
></A
|
|
>10.3. What <B
|
|
CLASS="COMMAND"
|
|
>login</B
|
|
> does</H1
|
|
><P
|
|
>The <B
|
|
CLASS="COMMAND"
|
|
>login</B
|
|
> program takes care of
|
|
authenticating the user (making sure that the username and
|
|
password match), and of setting up an initial environment for
|
|
the user by setting permissions for the serial line and starting
|
|
the shell. </P
|
|
><P
|
|
> Part of the initial setup is outputting the contents of
|
|
the file <TT
|
|
CLASS="FILENAME"
|
|
>/etc/motd</TT
|
|
> (short for message of the
|
|
day) and checking for electronic mail. These can be disabled
|
|
by creating a file called <TT
|
|
CLASS="FILENAME"
|
|
>.hushlogin</TT
|
|
> in
|
|
the user's home directory. </P
|
|
><P
|
|
> If the file <TT
|
|
CLASS="FILENAME"
|
|
>/etc/nologin</TT
|
|
>
|
|
exists, logins are disabled. That file is typically
|
|
created by <B
|
|
CLASS="COMMAND"
|
|
>shutdown</B
|
|
> and relatives.
|
|
<B
|
|
CLASS="COMMAND"
|
|
>login</B
|
|
> checks for this file, and will
|
|
refuse to accept a login if it exists. If it does exist,
|
|
<B
|
|
CLASS="COMMAND"
|
|
>login</B
|
|
> outputs its contents to the terminal
|
|
before it quits. </P
|
|
><P
|
|
> <B
|
|
CLASS="COMMAND"
|
|
>login</B
|
|
> logs all failed login attempts in
|
|
a system log file (via <B
|
|
CLASS="COMMAND"
|
|
>syslog</B
|
|
>). It also logs
|
|
all logins by root. Both of these can be useful when tracking
|
|
down intruders. </P
|
|
><P
|
|
> Currently logged in people are listed in
|
|
<TT
|
|
CLASS="FILENAME"
|
|
>/var/run/utmp</TT
|
|
>. This file is valid only
|
|
until the system is next rebooted or shut down; it is cleared
|
|
when the system is booted. It lists each user and the terminal
|
|
(or network connection) he is using, along with some other useful
|
|
information. The <B
|
|
CLASS="COMMAND"
|
|
>who</B
|
|
>, <B
|
|
CLASS="COMMAND"
|
|
>w</B
|
|
>,
|
|
and other similar commands look in <TT
|
|
CLASS="FILENAME"
|
|
>utmp</TT
|
|
>
|
|
to see who are logged in. </P
|
|
><P
|
|
> All successful logins are recorded into
|
|
<TT
|
|
CLASS="FILENAME"
|
|
>/var/log/wtmp</TT
|
|
>. This file will grow without
|
|
limit, so it must be cleaned regularly, for example by having
|
|
a weekly <B
|
|
CLASS="COMMAND"
|
|
>cron</B
|
|
> job to clear it.
|
|
The <B
|
|
CLASS="COMMAND"
|
|
>last</B
|
|
> command browses
|
|
<TT
|
|
CLASS="FILENAME"
|
|
>wtmp</TT
|
|
>. </P
|
|
><P
|
|
> Both <TT
|
|
CLASS="FILENAME"
|
|
>utmp</TT
|
|
> and
|
|
<TT
|
|
CLASS="FILENAME"
|
|
>wtmp</TT
|
|
> are in a binary format (see the
|
|
<TT
|
|
CLASS="FILENAME"
|
|
>utmp</TT
|
|
> manual page); it is unfortunately not
|
|
convenient to examine them without special programs. </P
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
SUMMARY="Footer navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="login-via-network.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
ACCESSKEY="H"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="x-xdm.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>Logins via the network</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="log-in-and-out.html"
|
|
ACCESSKEY="U"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>X and xdm</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |