LOGIN.DEFS
åå
説æ
åç§è¡¨
ãã°
é¢é£é ç®
èè
åå
/etc/login.defs − shadow ãã¹ã¯ã¼ãæ©è½ã®è¨å®
説æ
/etc/login.defs ãã¡ã¤ã«ã¯ shadow ãã°ã¤ã³æ©è½ã«å¯¾ãããµã¤ãåºæã®è¨- å®ãå®ç¾©ããã ãã®ãã¡ã¤ã«ã¯å¿ãåå¨ããªããã°ãªããªãã ãã®ãã¡ã¤ã«ãç¡ãã¦ãã·ã¹ãã éç¨ã¯å¯è½ã§ãããã ããããæã¾ãªãçµæã¨ãªãã ããã
ãã®ãã¡ã¤ã«ã¯èªã¿åãå¯è½ãªããã¹ããã¡ã¤ã«ã§ã ãã¡ã¤ã«ä¸ã®ä¸è¡ã«ã¤ãä¸ã¤ã®è¨- å®ãã©ã¡ã¼ã¿ãè¨å®ãã¦ããã åè¡ã§ã¯ãè¨- å®ãã©ã¡ã¼ã¿ã®ååã¨ãã®å¤ã空ç½ã§åºåããã¦ç¤ºãããã 空è¡ã¨ã³ã¡ã³ãè¡ã¯ç¡è¦ãããã ã³ã¡ã³ãè¡ã¯ ‘#’ è¨å·ã§å§ã¾ãã è¨å·‘#’ã¯ãã®è¡ã§ã®ç©ºç½ä»¥å¤ã®æåã®æå- ã§ãªããã°ãªããªãã
ãã©ã¡ã¼ã¿å¤ã¯åã¤ã®åãåããã¨ãã§ããã æååã»ãã¼ã«åã»æ°å¤ã»å精度æ°å¤ãã§ããã æååã«ã¯å¨ã¦ã®å°åå¯è½æåã使ããã ãã¼ã«åãã©ã¡ã¼ã¿ã®å¤ã¯ ‘‘yes’’ ã ‘‘no’’ ã®ããããã§ãªããã°ãªããªãã å¤ã®æå®ããã¦ããªããã¼ã«åãã©ã¡ã¼ã¿ãã ‘‘yes’’, ‘‘no’’ 以å¤ãæå®ããããã¼ã«åãã©ã¡ã¼ã¿ã®å¤ã¯ ‘‘no’’ã¨ãããã (å精度ããã³å精度) æ°å¤ã¯ã 10 é²æ°ã (æ°å¤ã®åã« ‘‘0’’ ãä»ãã) 8 é²æ°ã (æ°å¤ã®åã« ‘‘0x’’ ãä»ãã) 16 é²æ°ã®ããããã§æå®ããã å精度ã»å精度æ°å¤ãã©ã¡ã¼ã¿ã®æ大å¤ã¯è¨ç®æ©ã«ä¾åããã
以ä¸ã«ç¤ºããããªè¨å®é ç®ããã:
CHFN_AUTH (ãã¼ã«å¤)
ãã yes ãªãã chfn, chsh 両ãã- ã°ã©ã ã¯ãã¹ã¼ãã¼ã¦ã¼ã¶ãèµ·åããã®ã§ãªãéã ä½ããã®å¤æ´ãè¡ãªãåã«ãã¹ã¯ã¼ããå°ããã
CHFN_RESTRICT (æåå)
ãã®ãã©ã¡ã¼ã¿ã¯ passwd ãã¡ã¤ã«ã® gecos ãã£ã¼ã«ãã®ãã¡ã ä¸è¬ã¦ã¼ã¶ã chfn ã使ã£ã¦å¤æ´ã§ãããã£ã¼ã«ããæå®ããã æå®ããæåå㯠f, r, w, h åæå- ã®ä»»æã®çµã¿åããã§ããããããã«ãã¼ã ãé¨å±çªå·ã è·å ´é»è©±çªå·ãèªå®é»è©±çªå·ãæå³ããã æå®ãããªãã£ãå ´åã¯ãã¹ã¼ãã¼ã¦ã¼ã¶ã ããå¨ã¦ã®é ç®ãå¤æ´ã§ããã æãå¶éããã¤ããããå ´åã¯ã chfn ã SUID ã§ã¯ã¤ã³ã¹ãã¼ã«ããªããã°ããã
GID_MAX (æ°å¤)
GID_MIN (æ°å¤)
useradd ããã°ã©ã ããã³ groupadd ããã°ã©ã ãã°ã«ã¼ã ID ãé¸æããæã®ç¯å²ã
MAIL_DIR (æåå)
ã¡ã¼ã«ã¹ãã¼ã«ãã£ã¬ã¯ããªã ããã¦ã¼ã¶ã¢ã«ã¦ã³ããä¿®æ£ã»åé¤ãããéã«ã ãã®ã¦ã¼ã¶ã®ã¡ã¼ã«ããã¯ã¹ã«å¯¾ããä½æ¥ã®ããã«å¿è¦ã¨ãªãã æå®ãããªãã¨ãã³ã³ãã¤ã«æã®ããã©ã«ãå¤ãç¨ããããã
PASS_MAX_DAYS (æ°å¤)
ä¸ã¤ã®ãã¹ã¯ã¼ãã使ããæé·æ¥æ°ã ãã¹ã¯ã¼ãããã®æ¥æ°ãããå¤ãå ´åã¯ãå¤æ´ããããå¼·å¶ãããã æå®ããã¦ããªãå ´å㯠−1 ã¨ãªã (ãã®å¶éæ©è½ãç¡å¹ã«ãã)ã
PASS_MIN_DAYS (æ°å¤)
ãã¹ã¯ã¼ããå¤æ´ãã¦ãã次ã«å¤æ´ã§ããããã«ãªãã¾ã§ã®æçæ¥æ°ã ãã®æ¥æ°ãçµããªããã¡ã«ãã¹ã¯ã¼ããå¤æ´ãããã¨ãã¦ãæå¦ãããã æå®ããã¦ããªãå ´å㯠−1 ã¨ãªã (ãã®å¶éæ©è½ãç¡å¹ã«ãã)ã
PASS_WARN_AGE (æ°å¤)
ãã¹ã¯ã¼ãã®æå¹æéãæ¥ãåã«è¦åãçºããæéã®æ¥æ°ã ã¼ã- ã«ãã¦ããã¨ãæéåãã®å½æ¥ã«ã®ã¿è¦åãè¡ãã è² ã®æ°ãæå®ããå ´åã¯ä¸åè- ¦åãè¡ããªãã æå®ããã¦ããªãå ´åã¯è¦åãè¡ããªãã
PASS_MAX_DAYS, PASS_MIN_DAYS, PASS_WARN_AGE ã¯ã¢ã«ã¦ã³ããä½ãã¨ãã«ã ãå©ç¨ãããã ãããã®è¨å®ãå¤æ´ãã¦ããæ¢å- ã®ã¢ã«ã¦ã³ãã«ã¯å½±é¿ããªãã
UID_MAX (æ°å¤)
UID_MIN (æ°å¤)
useradd ããã°ã©ã ãã¦ã¼ã¶ ID ãé¸æããæã®ç¯å²ã
UMASK (æ°å¤)
許å¯å±æ§ãã¹ã¯ããã®å¤ã«åæåããã æå®ããã¦ããªãå ´åã¯ã許å¯å±æ§ãã¹ã¯ã¯ 077 ã«åæåãããã
USERDEL_CMD (æåå)
å®ç¾©ããã¦ããã¨ãã¦ã¼ã¶ãåé¤ããã¨ãã«ãã®ã³ãã³ããå®è¡ãããã åé¤ãããã¦ã¼ã¶ (æåã®å¼ãæ°ã«æ¸¡ããã) ã® at/cron/print ã¸ã§ããªã©ãåé¤ããã³ãã³ãã«ãã¦ããã¨ããã
åç§è¡¨
以ä¸ã®åç§è¡¨ã¯ã shadow ãã¹ã¯ã¼ãæ©è½ã®ã©ã®ããã°ã©ã ã ã©ã®ãã©ã¡ã¼ã¿ã使ç¨ãããã示ãããã®ã§ããã
|
chfn |
CHFN_AUTH CHFN_RESTRICT |
||
|
chsh |
CHFN_AUTH |
||
|
groupadd |
GID_MAX GID_MIN |
||
|
newusers |
PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UMASK |
||
|
pwconv |
PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE |
||
|
useradd |
GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN UMASK |
||
|
userdel |
MAIL_DIR USERDEL_CMD |
||
|
usermod |
MAIL_DIR |
ãã°
shadow ãã¹ã¯ã¼ãæ©è½ã«ãã£ã¦æä¾ããã¦ããæ©è½ã®å¤§é¨åã¯ã ç¾å¨ã¯ PAM ã«ãã£ã¦å¦çããã¦ããã ãããã£ã¦ã login(1), passwd(1), su(1) ãªã©ã®ãã- ã°ã©ã ã¯ããã¯ã /etc/login.defs ãç¨ããªãã 対å¿ãã PAM ã®è¨- å®ãã¡ã¤ã«ã調ã¹ãããã«ãã¦ã»ããã
é¢é£é ç®
login(1), passwd(1), su(1), passwd(5), shadow(5), pam(8)
èè
Julianne Frances Haugh (jockgrrl@ix.netcom.com)
Chip Rosenthal (chip@unicom.com)