LOGIN-SH(8)                 System Manager's Manual                LOGIN-SH(8)



NAME
       login-sh - authenticating login shell

SYNOPSIS
       login-sh

DESCRIPTION
       login-sh provides a simple interface to the authentication service for
       login by replacing the user's login shell with a "wrapper" that
       requires them to authenticate first, then executes the real login
       shell.  login-sh may be used in conjunction with or as a replacement
       for passwords in the password file /etc/passwd.  The user's actual
       login shell information is stored in an external file.

       Note that login-sh runs as the user, with their permissions. This is
       attractive, as it separates the authentication policy from the
       permissions granting policy (/bin/login).

OPTIONS
       login-sh reads its configuration rules and permissions information from
       the firewall configuration table netperm-table, retrieving all rules
       specified for "login-sh".  The following configuration rules are
       recognized:

       authserver address port
              specifies the network address and service port of the
              authentication server to use. (See authsrv)

       shellfile pathname
              specifies the shell configuration file, which contains
              information about users' login shells.  Empty lines and lines
              with a '#' as the first character are treated as comments and
              discarded.  The file is a list of entries, one per line, in
              the form:

              userid  executable parameter-0 [parameter-1] [parameter-n]

              The first three fields are mandatory.  The userid field must
              match the login name (from /etc/passwd) of the user invoking
              login-sh.  The second field is the pathname of the executable
              to run after authentication has completed.  The third and any
              remaining fields are the parameters passed to that executable,
              starting at parameter zero.  Many command interpreters inspect
              parameter zero (argv[0]) to decide whether they are running as
              a login shell; for such interpreters, define parameter zero in
              the form they expect, typically with a leading dash '-'.

INSTALLATION
       To install login-sh first place the executable in a system area, and
       define the shellfile and authserver options in netperm-table.  Systems
       that are using login-sh should have all programs that permit users to
       change their login shells disabled, or should have the setuid bit
       stripped.

       Users' password file entries should resemble:

       mjr::100:10:Marcus J Ranum:/home/mjr:/usr/local/etc/login-sh

       with a sample shellfile entry for mjr that resembles:

       mjr  /usr/bin/ksh   -ksh

       Note in the example that the pathname (/usr/bin/ksh) and parameter
       zero for the program ("-ksh") differ.  Every login shell that is
       defined must have at least two fields after the userid: the
       executable pathname and parameter zero.
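       The shellfile lookup described above (comment and blank-line
       handling, the three mandatory fields, the argv[0] leading-dash
       convention, and the sample entry for mjr) is illustrated by the
       following Python program.  It is an added example written for this
       page, not code from the TIS firewall toolkit; the function names,
       the ShellEntry type and the sample entries for "alice" and "bob" are
       constructed for the illustration and are not defined by login-sh.

```python
"""Parse a login-sh style shellfile and look up a user's login shell.

Added example, not part of the login-sh sources.  It implements the file
format the man page describes: blank lines and lines whose first character
is '#' are ignored; every other line is
    userid executable parameter-0 [parameter-1] ... [parameter-n]
and the first three fields are mandatory.
"""
import os
from typing import Dict, List, NamedTuple, Optional


class ShellEntry(NamedTuple):
    userid: str
    executable: str   # pathname handed to execv() after authentication
    argv: List[str]   # parameters for the executable, starting at argv[0]


def parse_shellfile(text: str) -> Dict[str, ShellEntry]:
    """Return a mapping of userid -> ShellEntry for every entry in text.

    Raises ValueError for a line with fewer than three fields (the man page
    requires userid, executable and parameter-0) and for a userid that is
    listed twice, rather than silently letting one entry shadow the other.
    """
    entries: Dict[str, ShellEntry] = {}
    for lineno, raw in enumerate(text.splitlines(), start=1):
        # Comment lines are those with '#' as the very first character.
        if not raw.strip() or raw.startswith("#"):
            continue
        fields = raw.split()
        if len(fields) < 3:
            raise ValueError(
                f"shellfile line {lineno}: need userid, executable and parameter-0")
        userid, executable, *argv = fields
        if userid in entries:
            raise ValueError(f"shellfile line {lineno}: duplicate entry for {userid}")
        entries[userid] = ShellEntry(userid, executable, argv)
    return entries


def lookup_shell(entries: Dict[str, ShellEntry], userid: str) -> Optional[ShellEntry]:
    """Find the entry whose userid matches the invoking user's login name."""
    return entries.get(userid)


def argv0_looks_like_login_shell(entry: ShellEntry) -> bool:
    """True when parameter zero carries the leading dash that most command
    interpreters look for to decide they are a login shell ("-ksh")."""
    return entry.argv[0].startswith("-")


def exec_login_shell(entry: ShellEntry) -> None:
    """Replace the current process with the real login shell (the step
    login-sh performs once authentication has succeeded).  Not called by
    the demo below, since it never returns."""
    os.execv(entry.executable, entry.argv)


# Constructed sample shellfile: the man page's entry for "mjr" plus a comment,
# a blank line, and two made-up entries, one of which lacks the dash convention.
SAMPLE_SHELLFILE = """\
# shellfile: userid executable parameter-0 [parameter-1] ... [parameter-n]
mjr  /usr/bin/ksh   -ksh

alice  /bin/sh        -sh  -i
bob    /usr/bin/bash  bash
"""


if __name__ == "__main__":
    table = parse_shellfile(SAMPLE_SHELLFILE)
    for uid in ("mjr", "alice", "bob", "nobody"):
        entry = lookup_shell(table, uid)
        if entry is None:
            print(f"{uid}: no shellfile entry, login-sh would refuse the login")
            continue
        dash = "login-shell argv[0]" if argv0_looks_like_login_shell(entry) \
            else "WARNING: argv[0] has no leading dash"
        print(f"{uid}: execv({entry.executable!r}, {entry.argv!r})  [{dash}]")
```

       Running the program prints the execv() call that would follow a
       successful authentication for each sample user and flags the "bob"
       entry, whose parameter zero lacks the leading dash, so the shell
       would not treat itself as a login shell.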

       Users wishing both password authentication and secondary authentication
       may set passwords on their entries in /etc/passwd as well as using
       login-sh.

FILES
       netperm-table
       shellfile
       /etc/passwd

SEE ALSO
       netperm-table(5), authsrv(8)

BUGS
       Some systems may require the administrator to add login-sh to
       /etc/shells, as programs like ftpd check for a valid user shell before
       permitting access.



                                2 October 1993                     LOGIN-SH(8)