名称

       login - 在系统上启动回话

大纲

       login [-p] [-h host] [用户名] [ENV=VAR...]

       login [-p] [-h host] -f 用户名

       login [-p] -r host

描述

       The login program is used to establish a new session with the system. It is normally
       invoked automatically by responding to the login: prompt on the user's terminal.  login
       may be special to the shell and may not be invoked as a sub-process. When called from a
       shell, login should be executed as exec login which will cause the user to exit from the
       current shell (and thus will prevent the new logged in user to return to the session of
       the caller). Attempting to execute login from any shell but the login shell will produce
       an error message.

       The user is then prompted for a password, where appropriate. Echoing is disabled to
       prevent revealing the password. Only a small number of password failures are permitted
       before login exits and the communications link is severed.

       If password aging has been enabled for your account, you may be prompted for a new
       password before proceeding. You will be forced to provide your old password and the new
       password before continuing. Please refer to passwd(1) for more information.

       Your user and group ID will be set according to their values in the /etc/passwd file. The
       value for $HOME, $SHELL, $PATH, $LOGNAME, and $MAIL are set according to the appropriate
       fields in the password entry. Ulimit, umask and nice values may also be set according to
       entries in the GECOS field.

       On some installations, the environmental variable $TERM will be initialized to the
       terminal type on your tty line, as specified in /etc/ttytype.

       命令解释器的初始化脚本也可能执行。请参考手册中相应的章节来获取关于此功能的更多信息。

       在登录 shell 中以第一个字符是“*”标注的是子系统登录。给定的主目录将被用于用户实际登录的新文
       件系统的根。

       The login program is NOT responsible for removing users from the utmp file. It is the
       responsibility of getty(8) and init(8) to clean up apparent ownership of a terminal
       session. If you use login from the shell prompt without exec, the user you use will
       continue to appear to be logged in even after you log out of the "subsession".

选项

       -f
           不要执行认证，用户已经预认证过。

           Note: In that case, username is mandatory.

       -h
           此登录的远程主机名。

       -p
           保留环境。

       -r
           为 rlogin (远程登录)执行 autologin (自动登录)协议。

       The -r, -h and -f options are only used when login is invoked by root.

CAVEATS

       This version of login has many compilation options, only some of which may be in use at
       any particular site.

       文件的位置由系统配置决定。

       The login program is NOT responsible for removing users from the utmp file. It is the
       responsibility of getty(8) and init(8) to clean up apparent ownership of a terminal
       session. If you use login from the shell prompt without exec, the user you use will
       continue to appear to be logged in even after you log out of the "subsession".

       As with any program, login's appearance can be faked. If non-trusted users have physical
       access to a machine, an attacker could use this to obtain the password of the next person
       coming to sit in front of the machine. Under Linux, the SAK mechanism can be used by users
       to initiate a trusted path and prevent this kind of attack.

配置文件

       The following configuration variables in /etc/login.defs change the behavior of this tool:

文件

       /var/run/utmp
           当前登录会话的列表。

       /var/log/wtmp
           先前的登录会话列表。

       /etc/passwd
           用户账户信息。

       /etc/shadow
           安全用户账户信息。

       /etc/motd
           System message of the day file.

       /etc/nologin
           阻止非 root 用户登录。

       /etc/ttytype
           终端类型列表。

       $HOME/.hushlogin
           阻止现实系统信息。

       /etc/login.defs
           Shadow 密码套件配置。

参见

       mail(1), passwd(1), sh(1), su(1), login.defs(5), nologin(5), passwd(5), securetty(5),
       getty(8).