login [ -h HostName ] [ -p ] [ -f User ] [ User [ Environment ] ]
The login command (part of the tsm command) initiates sessions on the system for the user specified by the User parameter. You can also specify environment variables to be added to the user's environment. These are strings of the form Variable=Value. The login command is not normally entered on the command line.
Notes:
- The PATH, IFS, HOME, and SHELL environment variables may not be initialized from the command line.
- The login command supports multibyte user names. It is recommended that the system administrator restrict the user names to characters within the portable character set to remove any ambiguity.
- If the /etc/nologin file exists, the system prevents the user from logging in and displays the contents of the /etc/nologin file. The system does allow the root user to log in if this file exists. The /etc/nologin file is removed when you reboot the system.
The login command can handle Distributed Computing Environment (DCE) user names of up to 1024 characters. DCE user names are stored in the LOGIN environment variable. Because DCE user names do not conform to standard operating system requirements, the first 8 characters of the DCE user name are stored in all standard operating system files and environments.
The login command
performs the following functions:
These functions are performed in the order given; if one fails, the functions that follow are not performed.
When a user logs in successfully, the login command makes entries in the /etc/utmp file that tracks current user logins and the /var/adm/wtmp file that is used for accounting purposes. The login command also sets the LOGIN and LOGNAME environment variables.
Information pertaining to each unsuccessful login is recorded in the /etc/security/failedlogin file. The information stored is the same as that in the /etc/utmp file, except that unrecognizable user names are logged as UNKNOWN_USER. This ensures that a password accidentally entered as a user name, for example, is not allowed into the system unencrypted.
After a successful login, the login command displays the message of the day, the date and time of the last successful and unsuccessful login attempts for this account, and the total number of unsuccessful login attempts for this account since the last successful login. These messages are suppressed if there is a .hushlogin file in your home directory.
The login command also changes the ownership of the login port to the user. This includes any ports noted as synonyms in the /etc/security/login.cfg file.
In order to preserve the integrity of the system, only one session at a time is allowed to be logged in to a port. This means that the login command entered from the shell prompt cannot succeed, as both the original session and the new login session would be on the same port. However, the exec login command succeeds because a new shell replaces the current one. The login command is typically a built-in shell command, causing the shell to replace itself.
Note: Unless your terminal displays only uppercase letters, your user name should not consist of uppercase letters exclusively.
To log in with multibyte user names, you must first open a Japanese window (aixterm) and initiate a new login from the Japanese window.
Access Control: This command sets the setuid permission to the root user, grants executable (x) permission to any user, and is in the Trusted Computing Base.
To log in to the system as user jamesd, enter the following at the login prompt:
login: jamesd
If a password is defined, the password prompt appears. Enter your password at this prompt.
/usr/sbin/login | Contains the login command. |
/etc/utmp | Contains accounting information. |
/var/adm/wtmp | Contains accounting information. |
/etc/motd | Contains the message of the day. |
/etc/passwd | Contains passwords. |
$HOME/.hushlogin | Suppresses login messages. |
/etc/environment | Contains user environment configuration information. |
/etc/security/login.cfg | Contains port synonyms. |
/etc/security/lastlog | Contains information pertaining to the most recent successful and unsuccessful login attempts. |
/etc/security/failedlogin | Contains information pertaining to each unsuccessful login. |
The getty command, setgroups command, setsenv command, su command tsm command.
The utmp, wtmp, failedlogin file format, lastlog file format.
The authenticate subroutine, setuid subroutine.
Suppressing Login Messages in AIX 5L Version 5.1 System User's Guide: Operating System and Devices.
Login and Logout Overview in AIX 5L Version 5.1 System User's Guide: Operating System and Devices.
Shells Overview in AIX 5L Version 5.1 System User's Guide: Operating System and Devices describes what shells are, the different types of shells, and how shells affect the way commands are interpreted.