OpenLDAP: using FreeBSD's /etc/login.conf attributes with external LDAP users?

O. Hartmann ohartman at
Wed Jan 20 09:56:42 UTC 2016

Using lates net/openldap24-server with FreeBSD as server and login target for
several users results in a problem.

Via attribute :rquirehome: in /etc/login.conf (i.e. added to class "standard")
one can prevent users from login without a valid home directory. Otherwise a
user with a valid LDAP entry will end up in "/". I'd like to add a standard
class for any user log in (via ssh) on that specific server (only administrative
staff has local logins in /etc/passwd, all users are located in LDAP DIT).

I searched the net for solutions and found one suggesting reverting the
"default" behaviour to have :requirehome: and use another class for all users
local in /etc/master.passwd (i.e. "privileged") - but this seems somehow odd
and in a hurry, updating software or similar, new facility users, like the
recently added user "_ypldap" will end up in the default class with
prerquisited a daemon will fail with. I think this could be too much of a

So, the question is whether there is a more elegant/semantic way to do so.

Please CC me, I do not subscribe this list,

thanks in advance and kind regards,


More information about the freebsd-questions mailing list