2 # Copyright 2008 Sun Microsystems, Inc. All rights reserved.
3 # Use is subject to license terms.
7 # The contents of this file are subject to the terms of the
8 # Common Development and Distribution License (the "License").
9 # You may not use this file except in compliance with the License.
11 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
12 # or http://www.opensolaris.org/os/licensing.
13 # See the License for the specific language governing permissions
14 # and limitations under the License.
16 # When distributing Covered Code, include this CDDL HEADER in each
17 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
18 # If applicable, add the following below this CDDL HEADER, with the
19 # fields enclosed by brackets "[]" replaced with your own identifying
20 # information: Portions Copyright [yyyy] [name of copyright owner]
25 # Set the TZ environment variable of the shell.
29 # ULIMIT sets the file size limit for the login. Units are disk blocks.
30 # The default of zero means no limit.
34 # If CONSOLE is set, root can only login on that device.
35 # If the specified device is /dev/console, then root can also log into
36 # any of the currently enabled /dev/vt/# virtual terminal devices.
37 # Comment this line out to allow remote login by root.
41 # PASSREQ determines if login requires a password.
45 # ALTSHELL determines if the SHELL environment variable should be set
49 # PATH sets the initial shell PATH variable
50 # sample with GNU tools in front of the path
51 # PATH=/usr/gnu/bin:/usr/bin:/usr/sbin:/sbin
52 # sample with XPG4 tools in front of the path
53 # PATH=/usr/xpg4/bin:/usr/bin:/usr/sbin:/sbin
54 PATH=/usr/bin:/usr/sbin:/sbin:/usr/gnu/bin
56 # SUPATH sets the initial shell PATH variable for root
58 SUPATH=/usr/sbin:/sbin:/usr/bin
60 # TIMEOUT sets the number of seconds (between 0 and 900) to wait before
61 # abandoning a login session.
65 # UMASK sets the initial shell file creation mode mask. See umask(1).
69 # SYSLOG determines whether the syslog(3) LOG_AUTH facility should be used
70 # to log all root logins at level LOG_NOTICE and multiple failed login
71 # attempts at LOG_CRIT.
75 # SLEEPTIME controls the number of seconds that the command should
76 # wait before printing the "login incorrect" message when a
77 # bad password is provided. The range is limited from
82 # DISABLETIME If present, and greater than zero, the number of seconds
83 # login will wait after RETRIES failed attempts or the PAM framework returns
84 # PAM_ABORT. Default is 20. Minimum is 0. No maximum is imposed.
88 # RETRIES determines the number of failed logins that will be
89 # allowed before login exits. Default is 5 and maximum is 15.
90 # If account locking is configured (user_attr(4)/policy.conf(4))
91 # for a local user's account (passwd(4)/shadow(4)), that account
92 # will be locked if failed logins equals or exceeds RETRIES.
96 # The SYSLOG_FAILED_LOGINS variable is used to determine how many failed
97 # login attempts will be allowed by the system before a failed login
98 # message is logged, using the syslog(3) LOG_NOTICE facility. For example,
99 # if the variable is set to 0, login will log -all- failed login attempts.
101 #SYSLOG_FAILED_LOGINS=5