LOGIN.ACCESS(5) - man page online | file formats

Login access control table.

March 21, 2003
LOGIN.ACCESS(5)                      BSD File Formats Manual                      LOGIN.ACCESS(5)


login.access — login access control table


The login.access file specifies on which ttys or from which hosts certain users are allowed to login. At login, the /etc/login.access file is checked for the first entry that matches a specific user/host or user/tty combination. That entry can either allow or deny login access to that user. Each entry have three fields separated by colon: · The first field indicates the permission given if the entry matches. It can be either “+” (allow access) or “-” (deny access) . · The second field is a comma separated list of users or groups for which the current entry applies. NIS netgroups can used (if configured) if preceded by @. The magic string ALL matches all users. A group will match if the user is a member of that group, or it is the user's primary group. · The third field is a list of ttys, or network names. A network name can be either a hostname, a domain (indicated by a starting period), or a netgroup. As with the user list, ALL matches anything. LOCAL matches a string not containing a period. If the string EXCEPT is found in either the user or from list, the rest of the list are exceptions to the list before EXCEPT.


If there's a user and a group with the same name, there is no way to make the group match if the user also matches.




The login_access() function was written by Wietse Venema. This manual page was written for Heimdal.
HEIMDAL March 21, 2003 HEIMDAL
This manual Reference Other manuals
login.access(5) referred by access.conf(5) | login.heimdal(1)
refer to login(1)