login.conf tweaking

Hello, my login.conf looks like this:

default:\
        :passwd_format=blf:\
        :copyright=/etc/COPYRIGHT:\
        :welcome=/etc/motd:\
        :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\
        :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/X11R6/bin ~/bin:\
        :nologin=/var/run/nologin:\
        :cputime=unlimited:\
        :datasize=unlimited:\
        :stacksize=unlimited:\
        :memorylocked=unlimited:\
        :memoryuse=unlimited:\
        :filesize=unlimited:\
        :coredumpsize=unlimited:\
        :openfiles=unlimited:\
        :maxproc=unlimited:\
        :sbsize=unlimited:\
        :vmemoryuse=unlimited:\
        :priority=0:\
        :ignoretime@:\
        :umask=022:



bind:\
        :passwd_format=blf:\
        :mixpasswordcase=true:\
        :minpasswordlen=9:\
        :copyright=/etc/COPYRIGHT:\
        :welcome=/etc/motd:\
        :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\
        :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/X11R6/bin ~/bin:\
        :nologin=/var/run/nologin:\
        :cputime=unlimited:\
        :datasize=unlimited:\
        :stacksize=unlimited:\
        :memorylocked=150M:\
        :memoryuse=150M:\
        :filesize=unlimited:\
        :coredumpsize=0:\
        :openfiles=4048:\
        :maxproc=300:\
        :sbsize=unlimited:\
        :vmemoryuse=unlimited:\
        :priority=0:\
        :ignoretime@:\
        :umask=022:

users:\
        :passwd_format=blf:\
        :passwordtime=90d:\
        :mixpasswordcase=true:\
        :minpasswordlen=8:\
        :idletime=300m:\
        :copyright=/etc/COPYRIGHT:\
        :welcome=/etc/motd:\
        :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\
        :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/X11R6/bin ~/bin:\
        :nologin=/var/run/nologin:\
        :cputime=5m:\
        :datasize=32M:\
        :vmemoryuse=100M:\
        :stacksize=32M:\
        :memorylocked=32M:\
        :memoryuse=32M:\
        :filesize=50M:\
        :coredumpsize=32M:\
        :openfiles=150:\
        :requirehome:\
        :maxproc=10:\
        :priority=99:\
        :ignoretime@:\
        :umask=027:
The idea is to set those restrictions for group "users" . did cap_mkdb /etc/login.conf, but then i logged in with a user which is in that group, and tried to open 100 processes ... and i could do.
Where is my mistake ? why the settings are not applied ?
rares_dumitrescuAsked:
Who is Participating?
 
gheistCommented:
You do not have to add group. You have to list users in a group and assign them login class.
First do that with vipw

root:xxx:0:0:YOU SHOULD BE ABLE TO WRITE IN THIS FIELD:0:0:Charlie &:/root:/bin/csh
0
 
gheistCommented:
use vipw and assign user login class of "users"
5th fiels in passwd file after user,passwd,uid and gid

man 5 passwd for more reference on file format.
0
 
rares_dumitrescuAuthor Commented:
okay thing .. so .. the classes in login.conf, they refer to users or groups ?
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
gheistCommented:
They match to login classes exclusively, not groups and users like in OpenBSD or NetBSD.
They cannot apply to superuser like in ="=

0
 
rares_dumitrescuAuthor Commented:
well i still do not understand. what i need is the restrictions from

users:\
        :passwd_format=blf:\
        :passwordtime=90d:\
        :mixpasswordcase=true:\
        :minpasswordlen=8:\
        :idletime=300m:\
        :copyright=/etc/COPYRIGHT:\
        :welcome=/etc/motd:\
        :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\
        :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/X11R6/bin ~/bin:\
        :nologin=/var/run/nologin:\
        :cputime=5m:\
        :datasize=32M:\
        :vmemoryuse=100M:\
        :stacksize=32M:\
        :memorylocked=32M:\
        :memoryuse=32M:\
        :filesize=50M:\
        :coredumpsize=32M:\
        :openfiles=150:\
        :requirehome:\
        :maxproc=10:\
        :priority=99:\
        :ignoretime@:\
        :umask=027:

to apply for each user in group users. what must i do in order to accomplish that?
0
 
gheistCommented:
1) create list of users in goup
2) assign them to login group
3) run pwd_mkdb to recreate passwd and pwd.db and spwd.db
0
 
rares_dumitrescuAuthor Commented:
added user1 to group users.
cap_mkdb /etc/passwd
pwd_mkdb /etc/master.passwd

signed in with user and i was able to start 100 processes, though i have limited login.conf to 10. does it matter where in login.conf are the classes? i mean check out where class users is now. should i put it before class default ?
0
 
rares_dumitrescuAuthor Commented:
so i make username users , with group users. i add all my users to group users, and then settings will take effect ?
0
 
gheistCommented:
No - no matter group or username, they do not relate to login.conf, if you set 5th field of master.passwd via vipw, then login class restrictions other than default will apply to that user.
0
 
rares_dumitrescuAuthor Commented:
now i got what a login class is. is there a command which i can set the login class through ? because i have a ton of users and i wanna create a script that will change the login class for everyone
0
 
rares_dumitrescuAuthor Commented:
pw user mod user1 -L users / got it! Thanks for help. it rocked.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.