• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

The Geek Diary

HowTos | Basics | Concepts

  • Solaris 11
  • Solaris
    • SVM
    • ZFS
    • Zones
    • LDOMs
    • Hardware
  • Linux
    • CentOS/RHEL 7
    • RHCSA notes
    • SuSE Linux Enterprise
    • Linux Services
  • VxVM
  • VCS
  • Interview Questions
  • oracle
    • ASM
    • mysql
    • RAC
    • oracle 12c
    • Data Guard
  • DevOps
    • Docker
    • Shell Scripting

Understanding /etc/login.defs file

By admin

The /etc/login.defs file provides default configuration information for several user account parameters. The useradd, usermod, userdel, and groupadd commands, and other user and group utilities take default values from this file. Each line consists of a directive name and associated value.

Below is sample /etc/logins.defs file from CentOS 7 system.

# cat /etc/login.defs
#
# Please note that the parameters in this configuration file control the
# behavior of the tools from the shadow-utils component. None of these
# tools uses the PAM mechanism, and the utilities that use PAM (such as the
# passwd command) should therefore be configured elsewhere. Refer to
# /etc/pam.d/system-auth for more information.
#

# *REQUIRED*
#   Directory where mailboxes reside, _or_ name of file, relative to the
#   home directory.  If you _do_ define both, MAIL_DIR takes precedence.
#   QMAIL_DIR is for Qmail
#
#QMAIL_DIR	Maildir
MAIL_DIR	/var/spool/mail
#MAIL_FILE	.mail

# Password aging controls:
#
#	PASS_MAX_DAYS	Maximum number of days a password may be used.
#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
#	PASS_MIN_LEN	Minimum acceptable password length.
#	PASS_WARN_AGE	Number of days warning given before a password expires.
#
PASS_MAX_DAYS	99999
PASS_MIN_DAYS	0
PASS_MIN_LEN	5
PASS_WARN_AGE	7

#
# Min/max values for automatic uid selection in useradd
#
UID_MIN                  1000
UID_MAX                 60000
# System accounts
SYS_UID_MIN               201
SYS_UID_MAX               999

#
# Min/max values for automatic gid selection in groupadd
#
GID_MIN                  1000
GID_MAX                 60000
# System accounts
SYS_GID_MIN               201
SYS_GID_MAX               999

#
# If defined, this command is run when removing a user.
# It should remove any at/cron/print jobs etc. owned by
# the user to be removed (passed as the first argument).
#
#USERDEL_CMD	/usr/sbin/userdel_local

#
# If useradd should create home directories for users by default
# On RH systems, we do. This option is overridden with the -m flag on
# useradd command line.
#
CREATE_HOME	yes

# The permission mask is initialized to this value. If not specified, 
# the permission mask will be initialized to 022.
UMASK           077

# This enables userdel to remove user groups if no members exist.
#
USERGROUPS_ENAB yes

# Use SHA512 to encrypt password.
ENCRYPT_METHOD SHA512

The following is a partial list of /etc/login.defs directives:

  • Location of user mailboxes
  • Password aging controls
  • Minimum and maximum values for automatic UID selection (1000 to 60000)
  • Minimum and maximum values for automatic GID selection (1000 to 60000)
  • Whether home directories should be created when adding a new user
  • Default umask
  • Encryption method used to encrypt passwords

If the USERGROUPS_ENAB directive in /etc/login.defs is set to YES, a group is created for the user with the same name as the username. If the directive is set to NO, the useradd command sets the primary group of the new user to the value specified by the GROUP directive in the /etc/default/useradd file, or 100 by default.

Filed Under: Linux

Some more articles you might also be interested in …

  1. CentOS / RHEL 7 : Booting process
  2. Yum Command Fails with “Another app is currently holding the yum lock” in CentOS/ RHEL 7
  3. Understanding /etc/xinetd.d directory under Linux
  4. CentOS / RHEL 6 : How to password protect grub (Password-Protected Booting)
  5. CentOS / RHEL : How to restrict SSH login by time of day
  6. How to install and Configure VNC (TigerVNC) server in CentOS / RHEL 7
  7. Linux OS service ‘dhcpd’
  8. Understanding SELinux File Labelling and SELinux Context
  9. CentOS / RHEL : Resize (extend) non-root EXT3/4 filesystem on non-LVM device (hard disk partition)
  10. CentOS / RHEL 7 : How to configure Network Bonding or NIC teaming

You May Also Like

Primary Sidebar

Recent Posts

  • How to check failed or bad login attempts in Linux
  • How to configure chrony statistics in CentOS / RHEL 7
  • How to create Docker Image from a Container and Dockerfile
  • Beginners Guide to The Docker World
  • Beginners Guide to Udev in Linux

Footer

Cheat Sheets

  • LDOMs (OVM for SPARC) Command line reference
  • Solaris Volume Manager (SVM) command line reference
  • Solaris ZFS command line reference
  • RHEL 7 – RHCSA Notes (Cheat Sheets)
  • CentOS / RHEL 7 : firewalld Cheat Sheet
  • systemd command line reference (cheat sheet)

Solaris interview questions

  • The ultimate Solaris Volume Manager (SVM) interview questions
  • The ultimate Solaris zones (containers) interview questions
  • The ultimate Solaris networking interview questions
  • The ultimate ZFS interview questions
  • Archives
  • Contact Us
  • Copyright

© 2018 · The Geek Diary