oracular (8) ngetty-helper.8.gz

Provided by: ngetty_1.1-13_amd64 bug

NAME

       ngetty - daemon for virtual console terminals

SYNOPSIS

       ngetty [ tty1 | vc/1 | 1 ] [ /dev/tty2 | vc/2 | 2 ] ...
       ngetty-helper /dev/ttyX [ login ]
       ngetty-argv :options:child:[name]:args [user [tty]]

DESCRIPTION

       ngetty is a daemon that starts login sessions on virtual console terminals, on demand.  It
       opens the virtual console  terminals  specified  by  the  tty...   arguments,  displays  a
       /etc/issue  message, prints the login prompt on each terminal and waits for user name.  On
       user action, ngetty executes login(1) in a new process  with  the  terminal  the  user  is
       typing in as the controlling terminal.

       login(1)  then  prompts  for a password to login with the system and finally, if the login
       succeeds, executes the user's login shell.

       When the user logs out, ngetty restarts the corresponding virtual console terminal.

       Actually  almost  the  whole  work  is  done  by  a  ngetty-helper  program.    It   makes
       /var/run/utmp, /var/log/wtmp records, prints /etc/issue, hostname, login prompt, waits for
       user name.  ngetty invokes the ngetty-helper by need.

HISTORY

       The traditional way to enable logins on virtual console terminals is to start a  bunch  of
       getty(8)  programs,  one  for  each virtual console terminal, from init(8).  As most users
       rarely login on virtual console terminals nowadays, preferring graphical  logins  instead,
       it  seems  wasteful to have all those getty(8) processes doing nothing but wasting memory.
       Alternatively, ngetty manages logins on any number of virtual  console  terminals  from  a
       single, light, process.

INVOCATION

       ngetty does not use stdin, stdout or stderr and closes them.

       When  running  ngetty  in  the  background,  remember  to disassociate it from the current
       controlling terminal by making it the process group leader of a new session, e.g.:

           setsid ngetty tty...  &
           ngetty-argv :-D:-S:-e:--:/usr/sbin/ngetty::1:2:3:4

       To start ngetty from init(8), add something like this to /etc/inittab:

              ng:2345:respawn:/usr/sbin/ngetty tty1 tty2 ... tty6

       If ngetty-argv is available use it to start ngetty from  /etc/inittab.   See  the  example
       below.

DIAGNOSTICS

       If  ngetty  can  not  open  one  of  the virtual console terminals specified in the tty...
       arguments, most likely because that tty device node does not exist,  no  greeting  message
       will  be displayed on that terminal, obviously, and ngetty will simply go on, ignoring the
       offending terminal.  Create the missing tty device and send SIGCHLD to  ngetty.   Then  it
       will  reopen  the  new  tty.   Instead of sending SIGCHLD you can login and logout on some
       working tty.  This also forces ngetty to reopen the new tty.

       ngetty uses ngetty-helper program.  It's path  is  hard-coded  in  ngetty.   Never  remove
       ngetty-helper program nor move it to other location.

       If,  on user action, ngetty-helper can not execute login(1), in all likelihood because the
       compiled-in LOGIN path does not match your system's login(1)  path,  ngetty  restarts  the
       terminal and redisplays the greeting message.

       In any case, ngetty does not output error messages.

OPTIONS

       It's possible to set different options for ngetty-helper program in file /etc/ngetty/Conf.
       If the option begin with "=" it's applied for all tty.  If it start with a tty  name  it's
       applied only on current tty.  Examples:

              # options format:
              # [ttyX]=option[=value]
              #=debug
              =environ=,TERM=linux
              tty3=long-hostname
              tty1=clear=\033c
              =newline=
              =timeout=180
              tty1=timeout=60
              tty1=delay=1

       For security reasons ngetty-helper evaluate the file /etc/ngetty/Conf only if it has mode:

              -rw-------    root   root   /etc/ngetty/Conf

       ngetty-helper   recognizes   the   following  options  which  might  be  embedded  in  the
       /etc/ngetty/Conf file:

       # tty5=login-prog=/bin/login.test
              If a line starts with #, space or tab it is a comment.

       debug  If debug is set ngetty-helper write on terminal all successfully  applied  options.
              Set this on the fist line of /etc/ngetty/Conf file.

       date-string
              Escape \d (current day) in /etc/issue as:
              Fri Jun 01 2007.  Default is: 2007-06-01.

       days=string
              Abbreviation for week days (21 bytes).  Default is:
              =days=SunMonTueWedThuFriSat

       months=string
              Abbreviation for months (36 bytes).  Default is:
              =months=JanFebMarAprMayJunJulAugSepOctNovDec

       tz=string
              Change  the  timezone  offset.   If  the  string starts with slash it's the name of
              tzfile.  The string is positive number if the local time zone is east of the  Prime
              Meridian and negative if it is west.  Default is /etc/localtime.  Examples:
              =tz=-18000        -0500
              =tz=7200          +0200
              =tz=/etc/localtime
              =tz=AUTO

       echo-off
              Turn the echo off just before starting /bin/login.  It's similar to stty -echo.

       newline=string
              Print this string before writing out /etc/issue.  (default is \012).  Example:
              tty3=newline=\012I am \l\012

       clear=string
              Clear  the  screen  before prompting for the login name with the string (default is
              \033c).  Examples:
              tty1=clear=
              tty3=clear=\033[H\033[J

       noclear-first=/etc/ngetty/.noclear
              Do not clear the screen before prompting for the login name the  first  time  after
              reboot.  Example:
              tty1=noclear-first=/etc/ngetty/.noclear.tty1

       nohangup
              Do not call vhangup() to disable writing to this tty by other applications.

       long-hostname
              By  default  the  hostname  is  only printed until the first dot.  With this option
              enabled, the full text from gethostname() is shown.

       nousername
              Do not ask for user name.  Exec login(1) immediately.  Example:
              =nousername
              =login-prompt= Press ENTER to activate \l

       deny=,black,list,users...
              Disable login process for some users.  The first char after "deny=" is split  char.
              Example:
              tty1=deny=,root,nobody,guest

       allow=,white,list,users...
              Enable  login  process  only for the users.  The first char after "allow=" is split
              char.  Example:
              =clear=
              =allow=,root,operator

       print=an:CM:PY:04:69
              Accept only these chars in user name.  Default is to accept only ",-._ 0-9  a-z  A-
              Z".  It's possible to insert here the output of
              printf 'tty3=print=az:AZ:\ABC\XYZ:__'
              Here ABC and XYZ are octal numbers.  Examples:
              tty1=print=az:AZ
              tty2=print=az:AZ:__:,.:09

       issue-file=/etc/issue
              Change the issue file.  Disable printing of the issue file with:
              =issue-file=

       login-prog=/bin/login
              Change the login app.  It's possible to use fgetty's /bin/login1 application with:
              =echo-off
              =login-prog=/bin/login1

       login-buffer=string
              Read login name over the string.  Default string is 40 bytes long.  Example:
              =login-buffer=12345678901234567

       login-prompt=\n login:
              Change the login prompt string.  Example:
              =login-prompt=\033[1;33m\l\033[0;39m  \n login:

       nice=10
              Change the priority by calling nice().

       delay=5
              Sleep this many seconds before printing the file /etc/issue.

       timeout=180
              Wait at most this many seconds for user name.

       chdir=/home
              Change into this directory before calling the login prog.

       chroot=/chroot
              Call chroot() with this directory name.

       autologin-name=username
              Log  the  specified  user  automatically  in  without  asking  for a login name and
              password.  Check the -f option from /bin/login for this.  Example:
              tty1=autologin-name=maria

       autologin-first=/etc/ngetty/.autologin
              Log in automatically only the first time after reboot without asking  for  a  login
              name and password.  Example:
              tty1=autologin-name=maria
              tty1=autologin-first=/etc/ngetty/.autologin

       environ=,TERM=linux
              Replace the environ.  The first char after "environ=" is split char.  Examples:
              =environ=,TERM=vt100,PATH=/bin:/usr/bin,HOME=/
              tty3=environ=,TERM=linux,TTY=/dev/tty3

       sh-A=line
              Exec  this  line before printing /etc/issue.  The line is executed using /bin/sh -c
              line.  It's good idea to use the full paths here.  Example:
              tty4=sh-A=exec /bin/ps e -u root
              tty4=delay=8

       sh-B=line
              Similar to option sh-A.  This is executed before asking for username.

       login-argv=any_string
              Ngetty starts login application with options
              login -- XYZ      # default
              login -f XYZ      # if autologin-name=XYZ
              With this option it's possible to start login appl with any_string instead of -- or
              -f.   Using  the  program  ngetty-argv(8)  one  can  start  arbitrary  program with
              different arguments.  Two very dangerous examples are (never try them):
              tty4=login-prog=/usr/sbin/ngetty-argv
              tty5=login-prog=/usr/sbin/ngetty-argv
              tty4=login-argv=,/bin/login,,-f,%U
              tty5=login-argv=:-C:/bin/bash:-bash

WARNING

       If ngetty-helper finds stdout or stderr open it exits immediately with error 100.   Ngetty
       invokes it correctly.  See also the program test-helper.c in source package.

       Do   not   edit   the   file   /etc/ngetty/Conf   directly.   Put  the  configurations  in
       /etc/ngetty/Conf.sed (the same syntax  and  permissions  as  /etc/ngetty/Conf)  and  after
       editing it, execute:

              cd /etc/ngetty && ./setup

       The  script  /etc/ngetty/setup  removes comments, merges lines ending with a backslash and
       expands the string =tz=AUTO to numeric number.  Then it updates /etc/ngetty/Conf.

SIGNALS

       If ngetty receives SIGTERM it kill all child's PID  (first  with  SIGTERM  and  then  with
       SIGKILL)  and  exit  immediately.  It does not change UID, GID and mode of the controlling
       tty devices.  It does not catch the other signals.  Sending SIGCHLD to ngetty forces it to
       reread his internal cache tables and to restart failed tty devices.

ISSUE ESCAPES

       ngetty-helper  recognizes  the  following  escapes sequences which might be embedded after
       login-prompt=, newline=, clear= or in the /etc/issue file:

       \d     insert current day (localtime),

       \l     insert line on which ngetty is running,

       \m     inserts machine architecture (uname -m),

       \n     inserts machine's network node hostname (uname -n),

       \o     inserts domain name,

       \r     inserts operating system release (uname -r),

       \t     insert current time (localtime),

       \s     inserts operating system name,

       \u     insert the number of users which are currently logged in,

       \U     insert the  string  "1 user" or "<n> users", where  <n>  is  the  number  of  users
              currently logged  in,

       \v     inserts operating system version (uname -v).

       \XYZ   inserts a letter with octal code XYZ.

EXAMPLE

       "Linux eos i386 #1 Tue Mar 19 21:54:09 MET 1996"  was  produced  by  putting "\s \n \m \v"
       into /etc/issue.

NGETTY-ARGV

       The program ngetty-argv(8) splits argv[1] on strings, expands %U and %T  to  username  and
       tty and then start the the application.  The first char after "login-argv=" is split char.
       In the examples above every user logs on tty4 without password and tty5  is  always  root.
       To understand better how ngetty-argv works try as non-root:

       ngetty-argv ':/bin/echo:echo:%U: on %T' usr tty3
       ngetty-argv ':/bin/sleep:-hacker:39:I am %U on %T' 123 X

       One can put also options for ngetty-argv at the beginning.

              --         last option

              -u503      setuid to 503

              -g230      setgid to 230

              -a120      exec alarm(120) before starting child

              -s10       sleep 10 secs before starting child

              -d/X/YZ    chdir(/X/YZ)  before starting child

              -r/A/BC    chroot(/A/BC) before starting child

              -D         start the child in background and exit

              -N -C      NOTTY | SCTTY controlling tty

              -S         like setsid(8)

              -e,HOME=/,TERM=linux     same as environ= above

              -p/path/to/pid.file      write the child pid here

       One possible example for /etc/ngetty/Conf is:
           tty9=clear=
           tty9=issue-file=
           tty9=login-prompt=\n  \d \t  qmail-qread:
           tty9=login-prog=/usr/sbin/ngetty-argv
           tty9=login-argv=:-u106:-g503:-d/var/qmail:--
             :./bin/qmail-qread:qread

       Another example is setting the TTY environ automatically:
           =login-prog=/usr/sbin/ngetty-argv
           =login-argv=:-e,TTY=/dev/%T,TERM=linux:--
             :/bin/login:login-%T:--:%U

       I  recommend  using  ngetty-argv   in  /etc/inittab  also.   Put as last argument runlevel
       string.  Then ps will show ngetty-2345 instead of ngetty.  Next start  tty1  ...  tty6  on
       runlevels 2345.
           ng:2345:respawn:/usr/sbin/ngetty-argv
             .-e.-S.-d/.-s1.--./usr/sbin/%U.%U-%T.1.2.3.4.5.6
             ngetty 2345

       On a terminal (in scripts) start ngetty with
           ngetty-argv .-N.-S.-e./usr/sbin/%U.%U.8.9.10 ngetty
           ngetty-argv .-D.-S.-e./usr/sbin/%U.%U.8.9.10 ngetty

       This  program is a hack written for ngetty-helper.  There is no additional code in ngetty-
       helper and it's possible to start a program with any args.  It is like  a  filter  between
       ngetty-helper  and  login  application.   One  can easy modify it without touching ngetty-
       helper.  It's similar to DJB well known argv0(1) and setuidgid(8).  You can write own such
       programs and use them instead of ngetty-argv.

FILES

       /etc/ngetty/Conf        ngetty-helper configuration file
       /etc/ngetty/Conf.sed    private setup file
       /etc/ngetty/setup       updates Conf.sed -> Conf
       /etc/issue              printed before the login prompt
       /var/run/utmp           the system status file
       /var/log/wtmp           the system logging file
       /etc/inittab            init(8) configuration file

SEE ALSO

       getty(8) fgetty(8) mingetty(8)
       login(1) nlogin(1) argv0(1) setuidgid(8) stty(1)
       http://sites.google.com/site/anbadeol/logind

AUTHOR

       Nikola Vladov
       http://riemann.fmi.uni-sofia.bg/ngetty/

       Copyright 2007,2008,2010 Nikola Vladov

       This program is free software; you can redistribute it and/or modify it under the terms of
       the GNU General Public License as  published  by  the  Free  Software  Foundation;  either
       version 2 of the License, or (at your option) any later version.

       This  program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
       without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR  PURPOSE.
       See the GNU General Public License for more details.

                                             May 2010                                   NGETTY(8)