diff options
Diffstat (limited to 'riemann.fmi.uni-sofia.bg/ngetty/ngetty-1.1/ngetty.8')
| -rw-r--r-- | riemann.fmi.uni-sofia.bg/ngetty/ngetty-1.1/ngetty.8 | 666 |
1 files changed, 666 insertions, 0 deletions
diff --git a/riemann.fmi.uni-sofia.bg/ngetty/ngetty-1.1/ngetty.8 b/riemann.fmi.uni-sofia.bg/ngetty/ngetty-1.1/ngetty.8 new file mode 100644 index 0000000..7e552f5 --- /dev/null +++ b/riemann.fmi.uni-sofia.bg/ngetty/ngetty-1.1/ngetty.8 @@ -0,0 +1,666 @@ +.TH NGETTY 8 "May 2010" +. +.SH NAME +. +.BR ngetty +\- daemon for virtual console terminals +. +.SH SYNOPSIS +.BR ngetty +[ tty1 | vc/1 | 1 ] [ /dev/tty2 | vc/2 | 2 ] ... +.br +.BR ngetty-helper +/dev/ttyX [ login ] +.br +.BR ngetty-argv +:options:child:[name]:args [user [tty]] + +. +.SH DESCRIPTION +. +.B ngetty +is a daemon that starts login sessions on virtual console terminals, +on demand. It opens the virtual console terminals specified by the +.I tty... +arguments, displays a +.IR /etc/issue +message, +prints the login prompt +on each terminal +and waits for user name. +On user action, +.B ngetty +executes +.BR login (1) +in a new process with the terminal the user is typing in as the +controlling terminal. +.PP +.BR login (1) +then prompts for a password to login with the system and +finally, if the login succeeds, executes the user's login shell. +.PP +When the user logs out, +.B ngetty +restarts the corresponding virtual console terminal. +.PP +.PP +Actually almost the whole work is done by a +.B ngetty-helper +program. +It makes +.IR /var/run/utmp , +.IR /var/log/wtmp +records, prints +.IR /etc/issue , +hostname, login prompt, +waits for user name. +.B ngetty +invokes the +.B ngetty-helper +by need. +. +.SH HISTORY +. +The traditional way to enable logins on virtual console terminals is +to start a bunch of +.BR getty (8) +programs, one for each virtual console terminal, from +.BR init (8). +As most users rarely login on virtual console terminals nowadays, preferring +graphical logins instead, it seems wasteful to have all those +.BR getty (8) +processes doing nothing but wasting memory. +Alternatively, +.B ngetty +manages logins on any number of virtual console terminals from a single, +light, process. +. +.SH INVOCATION +. +.B ngetty +does not use stdin, stdout or stderr and closes them. +.PP +When running +.B ngetty +in the background, remember to disassociate it from the current controlling +terminal by making it the process group leader of a new session, e.g.: +.PP +.RS 4 +setsid ngetty tty... & +.br +ngetty-argv :-D:-S:-e:--:/sbin/ngetty::1:2:3:4 +.RE +.PP +To start +.B ngetty +from +.BR init (8), +add something like this to +.IR /etc/inittab : +.PP +.RS +ng:2345:respawn:/sbin/ngetty tty1 tty2 ... tty6 +.RE +.PP +If +.B ngetty-argv +is available use it to start ngetty from +.IR /etc/inittab . +See the example bellow. +. +.SH DIAGNOSTICS +. +If +.B ngetty +can not open one of the virtual console terminals specified in the +.I tty... +arguments, most likely because that +.I tty +device node does not exist, no greeting message will be displayed on +that terminal, obviously, and +.B ngetty +will simply go on, ignoring the offending terminal. +Create the missing +.I tty +device and send SIGCHLD to ngetty. +Then it will reopen the new +.IR tty . +Instead of sending SIGCHLD you can login and logout on some +working +.IR tty . +This also forces ngetty to reopen the new +.IR tty . + +. +.PP +.B ngetty +uses +.B ngetty-helper +program. +It's path is hard-coded in +.BR ngetty . +Never remove +.B ngetty-helper +program nor move it to other location. +.PP +If, on user action, +.B ngetty-helper +can not execute +.BR login (1), +in all likelihood because the compiled-in +.B LOGIN +path does not match your system's +.BR login (1) +path, +.B ngetty +restarts the terminal and redisplays the greeting message. +.PP +In any case, +.B ngetty +does not output error messages. +.PP + +.SH OPTIONS +It's possible to set different options for +.B ngetty\-helper +program in file +.IR /etc/ngetty/Conf . +If the option begin with "=" it's applied for +all tty. If it start with a tty name it's applied only +on current tty. +Examples: +.PP +.RS +.B # options format: +.br +.B # [ttyX]=option[=value] +.br +.B #=debug +.br +=environ=,TERM=linux +.br +tty3=long-hostname +.br +tty1=clear=\e033c +.br +=newline= +.br +=timeout=180 +.br +tty1=timeout=60 +.br +tty1=delay=1 +.RE +.PP +For security reasons +.B ngetty-helper +evaluate the file +.IR /etc/ngetty/Conf +only if it has mode: +.PP +.RS +-rw------- root root /etc/ngetty/Conf +.RE +. +.PP +.B ngetty-helper +recognizes the following options which might be embedded in the +.I /etc/ngetty/Conf +file: +.TP +.B # tty5=login-prog=/bin/login.test +If a line starts with +.BR # , +.B space +or +.B tab +it is a comment. +.TP +.B debug +If debug is set +.B ngetty-helper +write on terminal +all successfully applied options. Set this on the fist line of +.IR /etc/ngetty/Conf +file. +.TP +.B date-string +Escape +\fB\\d\fP (current day) +in +.IR /etc/issue +as: +.br +\fBFri Jun 01 2007\fP. +Default is: +\fB2007-06-01\fP. +.TP +.B days=string +Abbreviation for week days (21 bytes). Default is: +.br +.B =days=SunMonTueWedThuFriSat +.TP +.B months=string +Abbreviation for months (36 bytes). Default is: +.br +.B =months=JanFebMarAprMayJunJulAugSepOctNovDec +.TP +.B tz=string +Change the timezone offset. If the string starts +with slash it's the name of tzfile. +The string is positive number if the local +time zone is east of the Prime Meridian +and negative if it is west. +Default is +.IR /etc/localtime . +Examples: +.br +\fB=tz=-18000\fP -0500 +.br +\fB=tz=7200\fP +0200 +.br +\fB=tz=/etc/localtime\fP +.br +\fB=tz=AUTO\fP +.TP +.B echo-off +Turn the echo off just before starting /bin/login. It's similar +to \fBstty -echo\fP. +.TP +.B newline=string +Print this \fBstring\fP before writing out +.IR /etc/issue . +(default is \fB\e012\fP). +Example: +.br +.B tty3=newline=\e012I am \el\e012 +.TP +.B clear=string +Clear the screen before prompting for the login name with the +\fBstring\fP (default is \fP\e033c\fP). Examples: +.br +.B tty1=clear= +.br +.B tty3=clear=\e033[H\e033[J +.TP +.B noclear-first=/etc/ngetty/.noclear +Do not clear the screen before prompting for the login name the +first time after reboot. Example: +.br +.B tty1=noclear-first=/etc/ngetty/.noclear.tty1 +.TP +.B nohangup +Do not call vhangup() to disable writing to this tty by +other applications. +.TP +.B long\-hostname +By default the hostname is only printed until the first dot. +With this option enabled, the full text from gethostname() is shown. +. +.TP +.B nousername +Do not ask for user name. Exec login(1) immediately. Example: +.br +.B =nousername +.br +\fB=login-prompt= Press ENTER to activate \el\bP +. +.TP +.B deny=,black,list,users... +Disable login process for some users. The first char after "deny=" +is split char. Example: +.br +.B tty1=deny=,root,nobody,guest +.TP +.B allow=,white,list,users... +Enable login process only for the users. +The first char after "allow=" is split char. Example: +.br +.B =clear= +.br +.B =allow=,root,operator +. +.TP +.B print=an:CM:PY:04:69 +Accept only these chars in user name. Default is to +accept only "\fB,-._ 0-9 a-z A-Z\fP". +It's possible to insert here the output of +.br +.B printf 'tty3=print=az:AZ:\eABC\eXYZ:__' +.br +Here \fBABC\fP and \fBXYZ\fP are octal numbers. Examples: +.br +.B tty1=print=az:AZ +.br +.B tty2=print=az:AZ:__:,.:09 +.TP +.B issue-file=/etc/issue +Change the issue file. Disable printing of the issue file with: +.br +.B =issue-file= +.TP +.B login-prog=/bin/login +Change the login app. It's possible to use fgetty's +.IR /bin/login1 +application with: +.br +.B =echo-off +.br +.B =login-prog=/bin/login1 +.TP +.B login-buffer=string +Read login name over the \fBstring\fP. +Default string is 40 bytes long. Example: +.br +.B =login-buffer=12345678901234567 +.TP +.B login-prompt=\en login: +Change the login prompt string. Example: +.br +\fB=login-prompt=\e033[1;33m\el\e033[0;39m \en login: \fP +.TP +.B nice=10 +Change the priority by calling nice(). +.TP +.B delay=5 +Sleep this many seconds before printing the file /etc/issue. +.TP +.B timeout=180 +Wait at most this many seconds for user name. +.TP +.B chdir=/home +Change into this directory before calling the login prog. +.TP +.B chroot=/chroot +Call chroot() with this directory name. +.TP +.B autologin-name=username +Log the specified user automatically in without asking for +a login name and password. Check the \-f option from +.B /bin/login +for this. +Example: +.br +.B tty1=autologin-name=maria +.TP +.B autologin-first=/etc/ngetty/.autologin +Log in automatically only the first time after reboot without asking for +a login name and password. +Example: +.br +.B tty1=autologin-name=maria +.br +.B tty1=autologin-first=/etc/ngetty/.autologin +.TP +.B environ=,TERM=linux +Replace the environ. The first char after "environ=" +is split char. Examples: +.br +.B =environ=,TERM=vt100,PATH=/bin:/usr/bin,HOME=/ +.br +.B tty3=environ=,TERM=linux,TTY=/dev/tty3 +.TP +.B sh-A=line +Exec this line before printing +.IR /etc/issue . +The line is executed using +.B /bin/sh -c +.IR line . +It's good idea +to use the full paths here. Example: +.br +.B tty4=sh-A=exec /bin/ps e -u root +.br +.B tty4=delay=8 +.TP +.B sh-B=line +Similar to option +.B sh-A. +This is executed before asking for username. +.TP +.B login-argv=any_string +Ngetty starts login application with options +.br +\fBlogin -- XYZ\fP # default +.br +\fBlogin -f XYZ\fP # if autologin-name=XYZ +.br +With this option it's possible to start login appl +with \fBany_string\fP instead of \fB\--\fP or \fB-f\fP. +Using the program \fBngetty-argv\fP(8) one can start +arbitrary program with different arguments. Two very +dangerous examples are (never try them): +.br +.B tty4=login-prog=/sbin/ngetty-argv +.br +.B tty5=login-prog=/sbin/ngetty-argv +.br +.B tty4=login-argv=,/bin/login,,-f,%U +.br +.B tty5=login-argv=:-C:/bin/bash:-bash +. +.PP +.SH "WARNING" +If ngetty-helper finds stdout or stderr open it exits immediately +with error 100. Ngetty invokes it correctly. See also +the program test-helper.c in source package. +.PP +Do not edit the file +.IR /etc/ngetty/Conf +directly. +Put the configurations in +.IR /etc/ngetty/Conf.sed +(the same syntax and permissions as +.IR /etc/ngetty/Conf ) +and after editing it, execute: +.PP +.RS +.B cd /etc/ngetty && ./setup +.RE +.PP +The script +.I /etc/ngetty/setup +removes comments, merges lines ending with a backslash and +expands the string \fB=tz=AUTO\fP to numeric number. +Then it updates +.IR /etc/ngetty/Conf . +.PP +.SH "SIGNALS" +If ngetty receives SIGTERM it kill all child's PID (first with SIGTERM +and then with SIGKILL) and exit immediately. It does not change UID, +GID and mode of the controlling tty devices. +It does not catch the other signals. +Sending SIGCHLD to ngetty forces it +to reread his internal cache tables +and to restart failed tty devices. +. +.PP +.SH "ISSUE ESCAPES" +.B ngetty-helper +recognizes the following escapes sequences which might be embedded +after \fBlogin-prompt=\fP, \fBnewline=\fP, \fBclear=\fP +or in the +.I /etc/issue +file: +.IP \fB\ed\fP +insert current day (localtime), +.IP \fB\el\fP +insert line on which +.B ngetty +is running, +.IP \fB\em\fP +inserts machine architecture (uname -m), +.IP \fB\en\fP +inserts machine's network node hostname (uname -n), +.IP \fB\eo\fP +inserts domain name, +.IP \fB\er\fP +inserts operating system release (uname -r), +.IP \fB\et\fP +insert current time (localtime), +.IP \fB\es\fP +inserts operating system name, +.IP \fB\eu\fP +insert the number of users which are currently logged in, +.IP \fB\eU\fP +insert the string "1 user" or "<n> users", where <n> is +the number of users currently logged in, +.IP \fB\ev\fP +inserts operating system version (uname -v). +.IP \fB\eXYZ\fP +inserts a letter with octal code XYZ. +.PP +.SH EXAMPLE +"\fBLinux\ eos\ i386\ #1\ Tue\ Mar\ 19\ 21:54:09\ MET\ 1996\fP" was produced +by putting "\fB\\s\ \\n\ \\m\ \\v\fP" into +.IR /etc/issue . +. +.PP +.SH "NGETTY-ARGV" +The program \fBngetty-argv\fP(8) splits argv[1] on strings, +expands \fB%U\fP and \fB%T\fP to username and tty and then +start the +the application. The first char after "login-argv=" +is split char. In the examples above every user logs on tty4 +without password and tty5 is always root. To understand better +how \fBngetty-argv\fP works try as non-root: +.br +.PP +.B ngetty-argv ':/bin/echo:echo:%U: on %T' usr tty3 +.br +.B ngetty-argv ':/bin/sleep:-hacker:39:I am %U on %T' 123 X +.PP +.TP +One can put also options for ngetty-argv at the beginning. +.IP +\fB--\fP last option +.IP +\fB-u503\fP setuid to 503 +.IP +\fB-g230\fP setgid to 230 +.IP +.br +\fB-a120\fP exec alarm(120) before starting child +.IP +\fB-s10\fP sleep 10 secs before starting child +.IP +\fB-d/X/YZ\fP chdir(/X/YZ) before starting child +.IP +\fB-r/A/BC\fP chroot(/A/BC) before starting child +.IP +\fB-D\fP start the child in background and exit +.IP +\fB-N -C\fP NOTTY | SCTTY controlling tty +.IP +\fB-S\fP like \fBsetsid\fP(8) +.IP +\fB-e,HOME=/,TERM=linux\fP same as \fBenviron=\fP above +.IP +\fB-p/path/to/pid.file\fP write the child pid here +. +.PP +One possible example for \fB/etc/ngetty/Conf\fP is: +.RS 4 +.br +tty9=clear= +.br +tty9=issue-file= +.br +tty9=login-prompt=\en \ed \et qmail-qread: +.br +tty9=login-prog=/sbin/ngetty-argv +.br +tty9=login-argv=:-u106:-g503:-d/var/qmail:-- +.br + :./bin/qmail-qread:qread +.RE +.PP +Another example is setting the TTY environ automatically: +.RS 4 +=login-prog=/sbin/ngetty-argv +.br +=login-argv=:-e,TTY=/dev/%T,TERM=linux:-- +.br + :/bin/login:login-%T:--:%U +.RE +. +.PP +I recommend using \fBngetty-argv \fP in +.IR /etc/inittab +also. +Put as last argument runlevel string. Then ps will +show \fBngetty-2345\fP instead of \fBngetty\fP. Next +start tty1 ... tty6 on runlevels 2345. +.RS 4 +ng:\fB2345\fP:respawn:/sbin/ngetty-argv +.br + .-e.-S.-d/.-s1.--./sbin/%U.%U-%T.1.2.3.4.5.6 +.br + ngetty \fB2345\fP +.RE +. +.PP +On a terminal (in scripts) start ngetty with +.RS 4 +ngetty-argv .-N.-S.-e./sbin/%U.%U.8.9.10 ngetty +.br +ngetty-argv .-D.-S.-e./sbin/%U.%U.8.9.10 ngetty +.RE +.PP +This program is a hack written for \fBngetty-helper\fP. +There is no additional code in ngetty-helper and +it's possible to start a program with any args. +It is like a filter between ngetty-helper and login application. +One can easy modify it without touching ngetty-helper. +It's similar to DJB well known \fBargv0\fP(1) and +\fBsetuidgid\fP(8). +You can write own such programs +and use them instead of ngetty-argv. +. +.SH FILES +.TS +tab (@); +l l. +/etc/ngetty/Conf@ \fBngetty-helper\fP configuration file +/etc/ngetty/Conf.sed@ private setup file +/etc/ngetty/setup@ updates \fBConf.sed -> Conf\fP +/etc/issue@ printed before the login prompt +/var/run/utmp@ the system status file +/var/log/wtmp@ the system logging file +/etc/inittab@ \fBinit\fP(8) configuration file +.TE +. +.PP +.SH SEE ALSO +. +.BR getty (8) +.BR fgetty (8) +.BR mingetty (8) +.br +.BR login (1) +.BR nlogin (1) +.BR argv0 (1) +.BR setuidgid (8) +.BR stty (1) +.br +http://sites.google.com/site/anbadeol/logind +. +.SH AUTHOR +. +Nikola Vladov +.br +http://riemann.fmi.uni-sofia.bg/ngetty/ +. +.SH COPYRIGHT +. +Copyright 2007,2008,2010 Nikola Vladov +.PP +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or +(at your option) any later version. +.PP +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. |