setting login.conf doesn't limit my users
Jez Hancock
jez.hancock at munk.nu
Sat Dec 27 12:47:41 PST 2003
On Sat, Dec 27, 2003 at 10:36:17AM -0500, Lowell Gilbert wrote:
> Alexander <amour at bugs.elitsat.net> writes:
>
> > after setting a new login classes in login.conf the users still don't get
> > limited and worse - they can change the limits by themselves !
> >
> > How do I restrict that ?
> >
> > I'm using FreeBSD 4.9-STABLE. Most of the users are using bash. They
> > are in the login class that should put them the limits and I ran cap_mkdb
> > /etc/login.conf after adding the new class. The users login via sshd.
> >
> > P.S. The FBSD handbook and the login.conf manpage doesn't help much. They
> > only say that I should put the limits I want in login.conf and everything
> > should be done. Do I miss something ?
>
> Well, for one thing sshd(8) doesn't use login(1) by default,
> so login.conf won't affect it at all. You can change that
> in login.conf(5), but doing so may have other consequences
> (I haven't had enough coffee today to remember what they
> could be; maybe checking mailing list archives would help).
I don't think this is true - whether or not login is called is dependent
on the shell set for each user - I may be wrong though :P.
All I *do* know is that I use sshd to login regularly and the login
capabilities I set in /etc/login.conf do take effect ok.
To the OP - it may help if you paste in the contents of your login caps
file /etc/login.conf or detail exactly what it is you're trying to
cap/restrict.
--
Jez Hancock
- System Administrator / PHP Developer
http://munk.nu/
http://jez.hancock-family.com/ - personal weblog
http://ipfwstats.sf.net/ - ipfw peruser traffic logging
More information about the freebsd-questions
mailing list