 |
Index for Section 4 |
|
 |
Alphabetical listing for T |
|
ttys(4)
NAME
ttys - Terminal control database file (Enhanced Security)
DESCRIPTION
Notes
The secure terminal database file, /etc/securettys, is used to control
root logins on both C2 and non-C2 systems and is documented in the
securettys(4) reference page.
By default, ttys information is now in database format as converted by
convauth. The databases are not converted in an update installation.
The system supports a single terminal control database that contains
entries for each terminal that can be used for logging in. Authentication
programs use information in the terminal control database to determine if
log in from the terminal is permitted. Additional fields are maintained for
informational purposes.
The format of the terminal control database file is identical to other
system authentication database files. For more information on the file
format, see the authcap(4) reference page. The file consists of keyword
field identifiers and values for those fields. The following keyword
identifiers are supported:
t_devname This field defines the terminal device name for the entry. The
system expects that terminal devices are in the /dev directory
and therefore this prefix should not be specified. If the
terminal entry describes the /dev/tty1 device, the t_devname
field should contain tty1.
t_uid This field contains the user ID of the last user who successfully
logged in using the terminal device.
t_logtime This field is a time_t value that records the last successful
login time to the terminal device.
t_unsucuid
This field contains the user ID of the last user who
unsuccessfully attempted to log in using the terminal device.
t_unsuctime
This field is a time_t value that records the last unsuccessful
login time to the terminal device.
t_prevuid This field contains the user ID of the user who successfully
logged in before the user identified in the t_uid field. This
represents the UID of the previous login session.
t_prevtime
This field is a time_t value that contains the system time of
last logout associated with this terminal device. This value
marks the end of the previous login session associated with the
user identified by t_prevuid.
t_failures
This field records the number of consecutive unsuccessful login
attempts to the terminal device.
t_maxtries
This field specifies the maximum number of consecutive
unsuccessful login attempts permitted using the terminal before
the terminal is locked. Once the terminal is locked, it must be
unlocked by an authorized administrator.
t_logdelay
This field is a time_t value that identifies the login delay
enforced by authentication programs between unsuccessful login
attempts. This field is designed to slow the rate at which
penetration attempts on a terminal device can occur.
t_lock This field indicates whether the terminal device has been
administratively locked. This field is manipulated by authorized
administrators only.
t_unlock This field specifies the time interval in seconds after
t_unsuctime to wait before ignoring t_failures. Zero means never
ignore t_failures.
t_login_timeout
This field specifies the login time-out value in seconds. If a
login attempt is initiated by entering a user name at the login
prompt but successful authentication is not completed within the
time-out interval specified, the login attempt is aborted.
t_xdisplay
This field indicates that the entry is an X window display
managed by xdm, rather than a terminal device.
EXAMPLES
The following example shows a typical terminal control database entry:
console:t_devname=console:
:t_uid=reese:t_logtime#675430072:
:t_unsucuid=reese:t_unsuctime#673610809:
:t_prevuid=root:t_prevtime#671376915:
:chkent:
This entry is for the system console device, /dev/console. The most recent
successful login session was for the user reese. The most recent
unsuccessful login attempt was also by user reese. Before the most recent
successful login session, the root account was used to log in to the
console. The entry records the system time for the current successful
login, the end of the previous successful login session, and the time of
the most recent unsuccessful login attempt.
FILES
/etc/auth/system/ttys
Specifies the pathname of the file.
RELATED INFORMATION
Commands: login(1)
Functions: getprtcent(3)
Files: authcap(4), default(4), securettys(4)