login.conf tweaking

Hello, my login.conf looks like this:

default:\
        :passwd_format=blf:\
        :copyright=/etc/COPYRIGHT:\
        :welcome=/etc/motd:\
        :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\
        :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/X11R6/bin ~/bin:\
        :nologin=/var/run/nologin:\
        :cputime=unlimited:\
        :datasize=unlimited:\
        :stacksize=unlimited:\
        :memorylocked=unlimited:\
        :memoryuse=unlimited:\
        :filesize=unlimited:\
        :coredumpsize=unlimited:\
        :openfiles=unlimited:\
        :maxproc=unlimited:\
        :sbsize=unlimited:\
        :vmemoryuse=unlimited:\
        :priority=0:\
        :ignoretime@:\
        :umask=022:



bind:\
        :passwd_format=blf:\
        :mixpasswordcase=true:\
        :minpasswordlen=9:\
        :copyright=/etc/COPYRIGHT:\
        :welcome=/etc/motd:\
        :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\
        :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/X11R6/bin ~/bin:\
        :nologin=/var/run/nologin:\
        :cputime=unlimited:\
        :datasize=unlimited:\
        :stacksize=unlimited:\
        :memorylocked=150M:\
        :memoryuse=150M:\
        :filesize=unlimited:\
        :coredumpsize=0:\
        :openfiles=4048:\
        :maxproc=300:\
        :sbsize=unlimited:\
        :vmemoryuse=unlimited:\
        :priority=0:\
        :ignoretime@:\
        :umask=022:

users:\
        :passwd_format=blf:\
        :passwordtime=90d:\
        :mixpasswordcase=true:\
        :minpasswordlen=8:\
        :idletime=300m:\
        :copyright=/etc/COPYRIGHT:\
        :welcome=/etc/motd:\
        :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\
        :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/X11R6/bin ~/bin:\
        :nologin=/var/run/nologin:\
        :cputime=5m:\
        :datasize=32M:\
        :vmemoryuse=100M:\
        :stacksize=32M:\
        :memorylocked=32M:\
        :memoryuse=32M:\
        :filesize=50M:\
        :coredumpsize=32M:\
        :openfiles=150:\
        :requirehome:\
        :maxproc=10:\
        :priority=99:\
        :ignoretime@:\
        :umask=027:
The idea is to set those restrictions for group "users" . did cap_mkdb /etc/login.conf, but then i logged in with a user which is in that group, and tried to open 100 processes ... and i could do.
Where is my mistake ? why the settings are not applied ?
rares_dumitrescuAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gheistCommented:
use vipw and assign user login class of "users"
5th fiels in passwd file after user,passwd,uid and gid

man 5 passwd for more reference on file format.
rares_dumitrescuAuthor Commented:
okay thing .. so .. the classes in login.conf, they refer to users or groups ?
gheistCommented:
They match to login classes exclusively, not groups and users like in OpenBSD or NetBSD.
They cannot apply to superuser like in ="=

Rowby Goren Makes an Impact on Screen and Online

Learn about longtime user Rowby Goren and his great contributions to the site. We explore his method for posing questions that are likely to yield a solution, and take a look at how his career transformed from a Hollywood writer to a website entrepreneur.

rares_dumitrescuAuthor Commented:
well i still do not understand. what i need is the restrictions from

users:\
        :passwd_format=blf:\
        :passwordtime=90d:\
        :mixpasswordcase=true:\
        :minpasswordlen=8:\
        :idletime=300m:\
        :copyright=/etc/COPYRIGHT:\
        :welcome=/etc/motd:\
        :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\
        :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/X11R6/bin ~/bin:\
        :nologin=/var/run/nologin:\
        :cputime=5m:\
        :datasize=32M:\
        :vmemoryuse=100M:\
        :stacksize=32M:\
        :memorylocked=32M:\
        :memoryuse=32M:\
        :filesize=50M:\
        :coredumpsize=32M:\
        :openfiles=150:\
        :requirehome:\
        :maxproc=10:\
        :priority=99:\
        :ignoretime@:\
        :umask=027:

to apply for each user in group users. what must i do in order to accomplish that?
gheistCommented:
1) create list of users in goup
2) assign them to login group
3) run pwd_mkdb to recreate passwd and pwd.db and spwd.db
rares_dumitrescuAuthor Commented:
added user1 to group users.
cap_mkdb /etc/passwd
pwd_mkdb /etc/master.passwd

signed in with user and i was able to start 100 processes, though i have limited login.conf to 10. does it matter where in login.conf are the classes? i mean check out where class users is now. should i put it before class default ?
gheistCommented:
You do not have to add group. You have to list users in a group and assign them login class.
First do that with vipw

root:xxx:0:0:YOU SHOULD BE ABLE TO WRITE IN THIS FIELD:0:0:Charlie &:/root:/bin/csh

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rares_dumitrescuAuthor Commented:
so i make username users , with group users. i add all my users to group users, and then settings will take effect ?
gheistCommented:
No - no matter group or username, they do not relate to login.conf, if you set 5th field of master.passwd via vipw, then login class restrictions other than default will apply to that user.
rares_dumitrescuAuthor Commented:
now i got what a login class is. is there a command which i can set the login class through ? because i have a ton of users and i wanna create a script that will change the login class for everyone
rares_dumitrescuAuthor Commented:
pw user mod user1 -L users / got it! Thanks for help. it rocked.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Unix OS

From novice to tech pro — start learning today.