HP-UX Reference (11i v3 07/02) - 1 User Commands A-M (vol 1)
l
login(1) login(1)
NAME
login - sign on, start terminal session
SYNOPSIS
login [name [env-var]...]
DESCRIPTION
The login command is used at the beginning of each terminal session to properly identify a prospective
user. login can be invoked as a user command or by the system as an incoming connection is established.
login can also be invoked by the system when a previous user shell terminates but the terminal does not
disconnect.
If login is invoked as a command, it must replace the initial command interpreter (the user’s login shell).
This is accomplished with the shell command
exec login
The user’s login name is requested, if it is not specified on the command line, and the corresponding pass-
word is obtained, if required, with the following prompts:
login:
Password:
Terminal echo is turned off (where possible) during password entry to prevent written records of the pass-
word. If the account does not have a password, and the authentication profile for the account requires one,
login invokes pam_chauthtok()
to establish one for the account.
On a trusted system,
login displays the last successful and unsuccessful login times and terminal devices.
On a standard system, login optionally displays the last successful and unsuccessful login times. See the
DISPLAY_LAST_LOGIN
attribute in security(4).
As a security precaution, some installations use an option that requires a second "dialup" password. This
occurs only for dialup connections, and is requested with the prompt:
dialup password:
Both passwords must be correct for a successful login (see dialups(4) for details on dialup security).
If password aging is activated, the user’s password may have expired.
pam_chauthtok() is invoked to
change the password. On a standard system, the user is required to re-login after a successful password
change (see passwd(1)).
After three unsuccessful login attempts, a
HANGUP signal is issued. If a login is not successfully completed
within a certain period of time (for example, one minute), the terminal is silently disconnected.
After a successful login, the accounting files are updated, user and group IDs, group access list, and work-
ing directory are initialized, and the user’s command interpreter (shell) is determined from corresponding
user entries in the files /etc/passwd and /etc/logingroup
(see passwd(4) and group(4)). If
/etc/passwd does not specify a shell for the user name, /usr/bin/sh is used by default. login
then forks the appropriate shell by using the last component of the shell path name preceded by a
- (for
example,
-sh or -ksh). When the command interpreter is invoked with its name preceded by a minus in
this manner, the shell performs its own initialization, including execution of profile, login, or other initiali-
zation scripts.
For example, if the user login shell is the Korn or POSIX shell (see ksh(1) or sh-posix(1), respectively), the
shell executes the profile files /etc/profile and $HOME/.profile if they exist (and possibly others
as well). Depending on what these profile files contain, messages regarding mail in the user’s mail file or
any messages the user may have received since the user’s last login may be displayed.
If the command name field is *,achroot() to the directory named in the directory field of the entry is
performed. At that point, login is re-executed at the new level, which must have its own root structure,
including a /usr/bin/login command and an /etc/passwd file.
For the normal user, the basic environment variables (see environ(5)) are initialized to:
HOME=login_directory
LOGNAME=login_name
MAIL=/var/mail/login_name
PATH=:/usr/bin
SHELL=
login_shell
588 Hewlett-Packard Company − 1 − HP-UX 11i Version 3: February 2007