From owner-freebsd-questions@FreeBSD.ORG Sun Dec 28 09:32:24 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2358716A4CE for ; Sun, 28 Dec 2003 09:32:24 -0800 (PST) Received: from be-well.no-ip.com (lowellg.ne.client2.attbi.com [66.30.200.37]) by mx1.FreeBSD.org (Postfix) with ESMTP id 200CC43D2F for ; Sun, 28 Dec 2003 09:32:21 -0800 (PST) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: by be-well.no-ip.com (Postfix, from userid 1147) id 9B00C6D; Sun, 28 Dec 2003 12:32:20 -0500 (EST) Sender: lowell@be-well.ilk.org To: freebsd-questions@freebsd.org References: <20031227030246.A14316-100000@bugs.elitsat.net> <441xqqs26m.fsf@be-well.ilk.org> <20031227204734.GB32347@users.munk.nu> From: Lowell Gilbert Date: 28 Dec 2003 12:32:20 -0500 In-Reply-To: <20031227204734.GB32347@users.munk.nu> Message-ID: <44vfo0j1az.fsf@be-well.ilk.org> Lines: 23 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Re: setting login.conf doesn't limit my users X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Dec 2003 17:32:24 -0000 Jez Hancock writes: > I don't think this is true - whether or not login is called is dependent > on the shell set for each user - I may be wrong though :P. On further inspection, I see that login(1) is not being called, but login(3) seems to be. The shell in use shouldn't matter, because the shell itself should be run under the user's limits. > All I *do* know is that I use sshd to login regularly and the login > capabilities I set in /etc/login.conf do take effect ok. Yes, you're right. > To the OP - it may help if you paste in the contents of your login caps > file /etc/login.conf or detail exactly what it is you're trying to > cap/restrict. Indeed. There are some limits that aren't implemented, but if the users can change a limit, that's not what's happening here. Of course, users can always *lower* their limits, and they can raise their soft limits up to a maximum of the hard limit (that's what the distinction is for).