]> git.ipfire.org Git - thirdparty/util-linux.git/blame - login-utils/README.poeigl
projects / thirdparty / util-linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Imported from util-linux-2.5 tarball.
[thirdparty/util-linux.git] / login-utils / README.poeigl
CommitLineData
6dbe3af9
KZ		 1README for init/getty/login, by poe@daimi.aau.dk
2
726f69e2 3This package contains simpleinit, agetty, and login programs for Linux.
6dbe3af9
KZ		 4Additional utilities included are: hostname, who, write, wall, users
5domainname, hostid, cage and mesg.
6
7Most of this software has been contributed by others, I basically just
8ported the things to Linux.
9
10About installation: See the bottom of this file. Check the Makefile!
11Be sure you know what you are doing! You may well be able to lock
726f69e2
KZ		 12yourself out from your machine. Especially: The init provided here
13(simpleinit) is NOT a SYSV compatible init and the inittab format
14is different.
6dbe3af9
KZ		 15
16If you are uncertain whether you got the latest version, check out
17
18 ftp://ftp.daimi.aau.dk:/pub/linux/poe/
19
726f69e2
KZ		 20Version 1.37 (15-Sep-95):
21 Added -I <initstring> and -w options to agetty.c for those that
22 use agetty with modems.
23
24Version 1.36 (25-Aug-95):
25 Enhanced /etc/usertty features with group support. Moved this part
26 of login.c to checktty.c. One can now define classes of hosts and
27 ttys and do access checking based on unix-group membership. See
28 login.1. Also time ranges for logins can be specified, for example
29 writing the line
30
31 joe [mon:tue:wed:thu:fri:8-16]@barracuda [mon:tue:wed:thu:fri:0-7:17-23]@joes.pc.at.home [sat:sun:0-23]@joes.pc.at.home
32
33 says that during working hours, Joe may rlogin from the host
34 barracuda, whereas outside working hours and in weekends Joe may
35 rlogin from his networked PC at home.
36
37 login.c: failures was not properly initialized, it now is. Also
38 made sure ALL failures are really logged to syslog.
39
40Version 1.35 (7-Aug-95):
41 login.c: Much improved features for the usertty file, allows
42 access control based on both hostnames/addresses and line. See the
43 about.usertty file and the man-page.
44
45 Fixed agetty so it doesn't fiddle with the ut_id field in the
46 utmp record, this should prevent growing utmps on systems with
47 more than 10 login lines. Fix suggested and checked by Alan Wendt
48 <alan@ezlink.com> in his agetty.1.9.1a.
49
50 Agetty now installs as agetty again, not as getty.
51 Updated man-page for login(1) to document /etc/usertty changes.
52
53 This has been tested on Linux 1.2.5 with GCC 2.5.8 and libc 4.5.26.
54
55Version 1.33a (20-Jun-95):
56 rchatfie@cavern.nmsu.edu ("rc.") suggested that I should remove
57 the #ifndef linux around the special logging of dial-up
58 logins. This is now done, so each login via a serial port
59 generates a separate DIALUP syslog entry.
60
61Version 1.33 (5-Jun-95):
62 Patch by Ron Sommeling <sommel@sci.kun.nl> and
63 jlaiho@ichaos.nullnet.fi (Juha Laiho) for agetty.c, used
64 to return a pointer to an automatic variable in get_logname().
65 Many patches from or via Rickard Faith <faith@cs.unc.edu>, fixing
66 man-pages etc, now defaults to using /var/log/wtmp and /var/run/utmp
67 according to the new FSSTND.
68
69 Fix in login.c for CPU eating bug when a remote telnet client dies
70 while logging in.
71
72 This is for Linux 1.2, GCC 2.6.2 or later.
73
74Version 1.32b (12-Mar-95):
75 Login now sets the tty group to "tty" instead of "other". Depending
76 on compile-time define USE_TTY_GROUP the tty mode is set to 0620 or
77 0600 instead of 0622. All as per suggestion by Rik Faith and the
78 linux-security list.
79 Write/wall now strips control chars except BEL (\007). Again after
80 suggestion by Rik Faith.
81
82Version 1.32a
83 Urgent security patch from Alvaro M. Echevarria incorporated into
84 login.c. This is really needed on machines running YP until
85 the libraries are fixed.
86
6dbe3af9
KZ		 87Version 1.32
88 Login now logs the ip-address of the connecting host to utmp as it
89 should.
90
91Version 1.31b (2-Feb-95):
92 Daniel Quinlan <quinlan@yggdrasil.com> and Ross Biro
93 <biro@yggdrasil.com> suggested a patch to login.c that allows for
94 shell scripts in the shell field of /etc/passwd, so one can now
95 have (as a line in /etc/passwd):
96 bye::1000:1000:Outlogger:/bin:echo Bye
97 Logging in as "bye" with no password simply echoes Bye on the screen.
98 This has applications for pppd/slip.
99
100Version 1.31a (28-Oct-94):
101 Scott Telford provided a patch for simpleinit, so executing reboot
102 from singleuser mode won't partially execute /etc/rc before
103 the reboot.
104
105Version 1.30 (17-Sep-94):
106 tobias@server.et-inf.fho-emden.de (Peter Tobias) has made a more
107 advanced hostname command that understands some options such as
108 -f for FQDN etc. I'll not duplicate his work. Use his hostname
109 package if you wish.
110
111 svm@kozmix.xs4all.nl (Sander van Malssen) provided more features
112 for the /etc/issue file in agetty. \U and \u now expand to the
113 number of current users.
114
115 It is now possible to state the value of TERM on the agetty command
116 line. This was also provided by Sander.
117
118 This has been built under Linux 1.1.42 with gcc 2.5.8 and libc 4.5.26.
119
120Version 1.29 (18-Aug-94):
121 Finally got around to making a real version after the numerous
122 alpha versions of 1.28. Scott Telford <st@epcc.ed.ac.uk> provided
123 a patch for write(1) to make it look more like BSD write.
124
125 Fixed login so that the .hushlogin feature works even with real
126 protective users mounted via NFS (ie. where root can't access
127 the user's .hushlogin file).
128
129 Cleaned up the code to make -Wall bearable.
130
131Version 1.28c (21-Jul-94):
132 Rik Faith reminded me that agetty should use the syslog
133 facility. It now does.
134
135Version 1.28b (30-May-94):
136 On suggestion from Jeremy Fitzhardinge <jeremy@suite.sw.oz.au>
137 I added -- as option delimiter on args passed from agetty to
138 login. Fixes -froot hole for other login programs. The login
139 program in this package never had that hole.
140
141Version 1.28a (16-May-94):
142 bill@goshawk.lanl.gov provided a couple of patches, one fixing
143 terminal setup in agetty, and reboot is now supposed to be
144 in /sbin according to FSSTND.
145
146Version 1.27 (10-May-94):
147 Changed login.c, so all bad login attempts are logged, and added
148 usertty security feature. See about.usertty for an explanation.
149 There's no longer a limit of 20 chars in the TERM environment
150 variable. Suggested by Nicolai Langfeldt <janl@math.uio.no>
151
152 Added #ifdef HAVE_QUOTA around quota checks. Enable them if
153 you have quota stuff in your libraries and kernel.
154 Also re-enabled set/getpriority() calls as we now have them,
155 and have had for a long time...
156
157 Now wtmp is locked and unlocked around writes to avoid mangling.
158 Due to Jaakko Hyv{tti <HYVATTI@cc.helsinki.fi>.
159
160 Wrt. agetty: A \o in /etc/issue now inserts the domainname, as
161 set by domainname(1). Sander van Malssen provided this.
162 This is being used under Linux 1.1.9
163
164 Beefed up the agetty.8 man-page to describe the /etc/issue
165 options. Added man-pages for wall, cage, who.
166
167Version 1.26 alpha (25-Apr-94):
168 Added patch from Bill Reynolds <bill@goshawk.lanl.gov> to
169 simpleinit, so it will drop into single user if /etc/rc
170 fails, eg. from fsck.
171
172Version 1.25 (9-Feb-94):
173 Agetty should now work with the Linux 0.99pl15a kernel.
174 ECHOCTL and ECHOPRT are no longer set in the termios struct.
175 Also made agetty accept both "tty baudrate" and "baudrate tty"
176 arguments.
177
178Version 1.24 (23-Jan-94): changes since 1.22
179 Christian von Roques <roques@juliet.ka.sub.org> provided a patch
180 that cleans up the handling of the -L option on agetty.
181 Rik Faith <faith@cs.unc.edu> enhanced several man-pages...
182
183Version 1.23 (11-Dec-93): changes since 1.21
184 Mitchum DSouza provided the hostid(1) code. It needs libc 4.4.4 or
185 later and a Linux 0.99.14 kernel or later. It can set and print
186 the world unique hostid of the machine. This may be used in
187 connection with commercial software licenses. God forbid!
188 I added the -v option, and munged the code a bit, so don't blame
189 Mitch if you don't like it.
190
191 I made the "cage" program. Using this as a shell in the passwd
192 file, enables one to let users log into a chroot'ed environment.
193 For those that have modem logins and are concerned about security.
194 Read the source for further info.
195
196 "who am i" now works.
197
198 The login program works with Yellow Pages (aka NIS) simply by
199 linking with an appropriate library containing a proper version
200 of getpwnam() and friends.
201
202Version 1.21 (30-Oct-93): changes since 1.20
203 In simpleinit.c: The boottime wtmp record is now written *after*
204 /etc/rc is run, to put a correct timestamp on it.
205 Daniel Thumim <dthumim@mit.edu> suggested this fix.
206
207 The source and Makefile is prepared for optional installation of
208 binaries in /sbin instead of /etc, and logfiles in /usr/adm instead
209 of /etc. See and change the Makefile to suit your preferences.
210 Rik Faith and Stephen Tweedie inspired this change.
211
212Version 1.20 (30-Jul-93): changes since 1.17:
213 Versions 1.18 and 1.19 were never made publically available.
214 Agetty now supports a -L switch that makes it force the CLOCAL flag.
215 This is useful if you have a local terminal attached with a partly
216 wired serial cable that does not pass on the Carrier Detect signal.
217
218 There's a domainname program like the hostname program; contributed
219 by Lars Wirzenius.
220
221 Simpleinit will now write a REBOOT record to wtmp on boot up. Time-
222 zone support is now optional in simpleinit. Both of these patches
223 were made by Scott Telford <st@epcc.ed.ac.uk>.
224
225 This is for Linux 0.99.11 or later.
226
227Version 1.17 (19-May-93): changes since 1.16:
228 Login, simpleinit and write should now work with shadow passwords
229 too. See the Makefile. Thanks to Anders Buch who let me have an
230 account on his SLS based Linux box on the Internet, so I could test
231 this. I should also thank jmorriso@rflab.ee.ubc.ca (John Paul Morrison)
232 who sent me the shadow patch to login.c
233
234Version 1.16 (24-Apr-93): changes since 1.15a:
235 Simpleinit now clears the utmp entry associated with the pid's that
236 it reaps if there is one. A few are still using simpleinit and this
237 was a popular demand. It also appends an entry to wtmp
238
239Version 1.15a (15-Mar-93): changes since 1.13a:
240 junio@shadow.twinsun.com (Jun Hamano) sent me a one-line fix
241 for occasional mangled issue-output from agetty.
242
243Version 1.13a (2-Mar-93): changes since 1.12a:
244 With the new LILO (0.9), there are more than one possible arg
245 to init, so Werner Almesberger <almesber@bernina.ethz.ch>
246 suggested that a loop over argv[] was made in boot_single() in
247 simpleinit.c
248
249Version 1.12a (24-Feb-93): changes since 1.11:
250 This is for Linux 0.99.6 or later. Built with gcc 2.3.3 and libc4.2
251 jrs@world.std.com (Rick Sladkey) told me that the setenv("TZ",..)
252 in login.c did more harm than good, so I commented it out.
253
254Version 1.11a (16-Feb-93): changes since 1.9a:
255 This is for Linux 0.99.5 or later.
256 Anthony Rumble <arumble@extro.ucc.su.OZ.AU> made me avare that
257 the patches for vhangup() from Steven S. Dick didn't quite work,
258 so I changed it.
259
260 Linus Torvalds provided another patch relating to vhangup, since
261 in newer Linuxen vhangup() doesn't really close all files, so we
262 can't just open the tty's again.
263
264Version 1.9a (18-Jan-93): changes since 1.8a:
265 Rick Faith sent me man-pages for most of the untilities in this
266 package. They are now included.
267
268 Steven S. Dick <ssd@nevets.oau.org> sent me a patch for login.c
269 so DTR won't drop during vhangup() on a modemline.
270
271 This is completely untested!! I haven't even had the time to
272 compile it yet.
273
274Version 1.8a (13-Dec-92): changes since 1.7:
275 This is for Linux 0.98.6 or later. Compiles with gcc2.2.2d7 and libc4.1
276
277 Bettered write/wall after fix from I forget who. Now wall can have
278 commandline args.
279
280 Fixed bug in who.c
281
282 Patched simpleinit.c with patch from Ed Carp, so it sets the timezone
283 from /etc/TZ. Should probably by be /etc/timezone.
284
285 Sander Van Malssen <sander@kozmix.hacktic.nl> provided a patch
286 for getty, so it can understand certain escapecodes in /etc/issue.
287
288 I hacked up a very simple substitute for a syslog() call, to try out
289 the logging. If you have a real syslog() and syslogd then use that!
290
291 The special vhangup.c file is out, it's in the official libc by now.
292 (and even in the libc that I have :-)
293
294 who, and write are now deprecated, get the better ones from one of
295 the GNU packages, shellutils I think.
296
297 Some people think that the simple init provided in this package is too
298 spartan, if you think the same, then get the SYSV compatible init
299 from Miquel van Smoorenburg <miquels@maestro.htsa.aha.nl>
300 Simpleinit will probably be deprecated in the future.
301
302Version 1.7: 26-Oct-92 changes since 1.6:
303 This is for Linux 0.97PL4 or later.
304
305 Thanks to Werner Almesberger, init now has support for a
306 singleuser mode.
307
308 Login now supports the -h <hostname> option, used in connection
309 with TCP/IP. (rlogin/telnet)
310
311 Getty writes an entry to /etc/wtmp when started, so last won't report
312 "still logged in" for tty's that have not been logged into since
313 the last user of that tty logged out. This patch was inspired by
314 Mitchum DSouza. To gain the full benefit of this, get the newest
315 last from the admutils-1.4.tar.Z package or later.
316
317Version 1.6 (29-Aug-92): changes since 1.5:
318 This is for Linux 0.97P1+ or later.
319
320 Login now uses the newly implemented vhangup() sys-call, to prevent
321 snooping on the tty.
322 An alternative getpass() function is now provided with login, because
323 I was told that the old one in libc didn't work with telnet and
324 or rlogin. I don't have a network or a kernel with TCP/IP so I haven't
325 tested the new one with telnet, but it is derived from BSD sources
326 that are supposed to work with networking.
327
328Version 1.5 (12-Aug-92): changes since 1.4
329 This is for Linux 0.97 or later, and has been built with gcc2.2.2
330
331 This release just puts in a few bugfixes in login.c and simpleinit.c
332
333Version 1.4 (4-Jul-92): changes since 1.3:
334 This is for Linux 0.96b, and has been built and tested with gcc 2.2.2.
335
336 Init now handles the SIGINT signal. When init gets a SIGINT it will
337 call /usr/bin/reboot and thereby gently reboot the machine. This
338 makes sense because after Linux 0.96B-PL1 the key-combination
339 Ctrl-Alt-Del may send a SIGINT to init instead of booting the
340 machine the hard way without syncing or anything.
341
342 You may want to get the admutils-1.1 package which includes a program
343 that will instruct the kernel to use the "gentle-reboot" procedure.
344
345Version 1.3 (14-Jun-92): changes since 1.2:
346 This is for Linux 0.96A.
347
348 The ioctl(TIOCSWINSZ) has been removed from login.c because it now
349 works :-).
350
351 login.c now supports a lastlog database.
352
353 Several programs and pieces of source that were included in the 1.2
354 package has been *removed* as they are incorporated into the new
355 libc. Other omitted parts such as last(1) has been replaced by
356 better versions, and can be found in the admutils package.
357
358 Agetty is now called getty and will be placed in /etc.
359
360 A few changes has been made to make it possible to compile the
361 stuff with GCC 2.x.
362
363Version 1.2 (28-Feb-92): changes since 1.1:
364 This is for Linux 0.12.
365
366 A couple of problems with simpleinit.c has been solved, thanks to
367 Humberto Zuazaga. So now init groks comments in /etc/inittab, and
368 handles the HUP and TSTP signals properly.
369
370 I added two small scripts to the distribution: users and mesg.
371
372 TERM is now carried through from /etc/inittab all the way to the
373 shell. Console tty's are special-cased, so the termcap entry in
374 /etc/inittab is overridden by the setting given at boot-time.
375 This requires a different patch to the kernel than that distributed
376 with version 1.1
377
378 Login no more sends superfluous chars from a password to the
379 shell. It also properly prints a NL after the password.
380
381 Agetty didn't set the erase character properly, it does now.
382
383 A few extra defines has been added to utmp.h
384
385 Several netters helped discover the bugs in 1.1. Thanks to them
386 all.
387
388Version 1.1 (released 19-Feb-92): Changes since 1.0:
389 A bug in simpleinit.c has been fixed, thanks to Pietro Castelli.
390 The definition of the ut_line field has been changed to track the
391 USG standard more closely, we now strip "/dev/" off the front.
392 Thanks to: Douglas E. Quale and Stephen Gallimore.
393
394 I have added a getlogin.c library routine, and a write(1) command.
395 I removed the qpl-init stuff. If people want to use it, they should
396 get it from the source. I don't want to hack on it anymore.
397
398 A couple of people reported problems with getty having problems
399 with serial terminals. That was correct. I borrowed a null-modem
400 from Tommy Thorn, and now the problems should be fixed. It seems
401 that there is kept a lot of garbage in the serial buffers, flush
402 them and it works like a charm. Getty does an ioctl(0, TCFLSH, 2)
403 for this.
404
405 The write.c code now doubles as code for a wall(1) program.
406
407Description of the various files:
408
409login.c The login program. This is a portation of BSD login, first
410 to HP-UX 8.0 by Michael Glad (glad@daimi.aau.dk), and
411 to Linux (initially to 0.12) by me.
412
413who.c A simple who(1) util. to list utmp. Done by me.
414 You may prefer the GNU who util. with more options
415 and features.
416
417hostname.c A hostname(1) command to get and set the hostname. I did
418 this too.
419
420domainname.c Like hostname, only reads out or sets the domainname.
421
422agetty.c The getty program. From comp.sources.misc, by W.Z. Venema.
423 Hacked a bit by me.
424
425simpleinit.c A simple init program, written by me. Uses /etc/inittab
426
427 A "kill -HUP" to init makes it re-read /etc/inittab.
428 A "kill -TSTP" to init makes it stop spawning gettys on the
429 ttys. A second "kill -TSTP" starts it again.
430 A kill -INT to init makes it attempt a reboot of the machine.
431 this works in connection with kernel support for softboot
432 when Ctrl-Alt-Del is pressed.
433
434 Init will start up in singleuser mode if /etc/singleboot
435 exists at boottime, or if it is given an argument of "single"
436 via eg. LILO. If /etc/securesingle exists it will ask for the
437 root password before starting single user.
438
439write.c A write(1) command, used to pass messages between users
440 at different terminals. This code doubles as code for
441 a wall(1) command. Make a symlink: /usr/bin/wall ->
442 /usr/bin/write for this.
443
444mesg A tiny shellscript, so you can avoid that other people write
445 to your shell.
446
447users Another script that uses awk(1) and tr(1) to process the
448 output from who(1) into a one-liner.
449 If you don't have awk, but have Perl, this does the same:
450
451 who | perl -ane 'print "$F[0] "'; echo ""
452
453pathnames.h:
454 Header.
455
456param.h
457 Header, extended with getdtablesize() macro, should go
458 in /usr/include/sys
459
460Building.
461---------
462A "make all" should do. At least it does for me.
463
464Installation:
465-------------
466
467login should go in /bin, if you don't like this change
468 pathnames.h and recompile at least agetty.
469
470getty, init Put them in SBINDIR
471
472who, hostname, write, wall, mesg, users:
473 /usr/bin
474
475securetty login needs this in /etc, defines which ttys that root
476 can login on. This should *never* include ttys{1,2}
477
478inittab the simpleinit code needs this in /etc. Note that the syntax
479 of /etc/inittab has little to do with the syntax of a real
480 SysV inittab. Edit this one for your local setup.
481
482shells The chsh program will use this if it's placed in /etc. It
483 defines the valid shell-programs. Have one abs. path on
484 each line.
485
486You can also do a "make install" as root, but don't just do it because I
487say so, check the Makefile first.
488
489"Make install" will install only the new binaries, and not motd, inittab,
490securetty and issue. To install these configuration files, do a
491"make Install".
492
493Getty requires a /dev/console to write errors to. I just made it a symlink
494to /dev/tty1. Because of a bug in the tty driver this errorlogging may
495cause the shell on tty1 to logout.
496
497Getty will print the contents of /etc/issue if it's present before asking
498for username. Login will print the contents of /etc/motd after successful
499login. Login doesn't print /etc/motd, and doesn't check for mail if
500~/.hushlogin is present and world readable.
501
502If /etc/nologin is present then login will print its contents and disallow
503any logins except root.
504It might be a good idea to have a "rm -f /etc/nologin" line in one's
505/etc/rc file.
506
507If /etc/securetty is present it defines which tty's that root can login on.
508
509 - Peter (poe@daimi.aau.dk)
Unnamed repository; edit this file 'description' to name the repository.