LOGIN(1) Linux Administrator's Manual LOGIN(1)NAMElogin - Begin session on the system
SYNOPSISlogin [ -p ] [ -h host ] [ -H ] [ -f username | username ]
DESCRIPTIONlogin is used when signing onto a system. If no argument is given,
login prompts for the username.
The user is then prompted for a password, where approprate. Echoing is
disabled to prevent revealing the password. Only a small number of
password failures are permitted before login exits and the communica‐
tions link is severed.
If password aging has been enabled for the account, the user may be
prompted for a new password before proceeding. He will be forced to
provide his old password and the new password before continuing. Please
refer to passwd(1) for more information.
The user and group ID will be set according to their values in the
file. There is one exception if the user ID is zero: in this case, only
the primary group ID of the account is set. This should prevent that
the system adminitrator cannot login in case of network problems. The
value for $HOME, $SHELL, $PATH, $LOGNAME, and $MAIL are set according
to the appropriate fields in the password entry. $PATH defaults to
/usr/local/bin:/bin:/usr/bin:. for normal users, and to
/sbin:/bin:/usr/sbin:/usr/bin for root if not other configured. The
environment variable $TERM will be preserved, if it exists (other envi‐
ronment variables are preserved if the -p option is given) or be ini‐
tialize to the terminal type on your tty line, as specified in
/etc/ttytype.
Then the user's shell is started. If no shell is specified for the user
in /etc/passwd, then /bin/sh is used. If there is no directory speci‐
fied in /etc/passwd, then / is used (the home directory is checked for
the .hushlogin file described above).
login reads the /etc/login.defs(5) configuration file. Please refer to
this documentaion for options which could be set.
OPTIONS-p Used by getty(8) to tell login not to destroy the environment
-f Used to skip a second login authentication. This option is dep‐
recated and should not be used. It does specifically not work
for root. Using this option also means, that not all PAM func‐
tions are called.
-h Used by other servers (i.e., telnetd(8)) to pass the name of the
remote host to login so that it may be placed in utmp and wtmp.
Only the superuser may use this option.
-H Used by other servers (i.e., telnetd(8)) to tell login that
printing the hostname should be suppressed in the login: prompt.
FILES
/var/run/utmp - list of current login sessions
/var/log/wtmp - list of previous login sessions
/etc/passwd - user account information
/etc/shadow - encrypted passwords and age information
/etc/motd - system message file
/etc/login.defs - configuration file
SEE ALSOinit(8), getty(8), mail(1), passwd(1), passwd(5), environ(7), shut‐
down(8), login.defs(5)BUGS
A recursive login, as used to be possible in the good old days, no
longer works; for most purposes su(1) is a satisfactory substitute.
Indeed, for security reasons, login does a vhangup() system call to
remove any possible listening processes on the tty. This is to avoid
password sniffing. If one uses the command "login", then the surround‐
ing shell gets killed by vhangup() because it's no longer the true
owner of the tty. This can be avoided by using "exec login" in a top-
level shell or xterm.
AUTHOR
Derived from BSD login 5.40 (5/9/89) by Michael Glad (glad@daimi.dk)
for HP-UX
Ported to Linux 0.12: Peter Orbaek (poe@daimi.aau.dk)
Added new features: Thorsten Kukuk (kukuk@suse.de)
PAM Login 3.32 2. May 2007 LOGIN(1)
