Linux Login Process

Source: Internet
Author: User
1. init starts up;
2. init forks and execs getty;
3. getty opens the terminal and sets standard input, standard output and standard error;
4. getty then execs login;
5. login checks the username and password against /etc/passwd and obtains the information used to initialize the environment: start directory, shell, username, and path;
6. login execs /bin/sh; the shell first executes the system initialization file, then the user initialization file, to initialize the user environment.


The Linux Login Process

After the system boots, at serial terminals or virtual terminals, the user will see a login prompt similar to:

MachineName Login:

This prompt is generated by a program, usually getty or mingetty, which is respawned by the init process every time a user ends a session on the console. The getty program will call login, and login, if successful, will call the user's shell. The steps of the process are:

1. The init process spawns the getty process.
2. The getty process invokes the login process when the user enters their name and passes the user name to login.
3. The login process prompts the user for a password, checks it, then if there is success, the user's shell is started. On failure the program displays an error message, ends, and then init will respawn getty.
4. The user will run their session and eventually log out. On logout, the shell program exits and we return to step 1.

Note: this process is what happens for runlevel 3, but runlevel 5 uses some different programs to perform similar functions. These X programs are called X clients.

The init process revisited

Recall that in the /etc/inittab file there were lines such as this:

1:2345:respawn:/sbin/mingetty tty1

These lines cause init to spawn the mingetty process in runlevels 2 through 5 for tty1 and other terminals. To do this, init will use the "fork" function to make a new copy of itself and the "exec" function to run the mingetty program. Getty will wait for the user, then read the username. Then mingetty will invoke login with the user's name as an argument. If the password entered does not match for the user, init will load and run mingetty again. If the login is successful, init will use the "exec" function to run the user's shell program. When the shell exits through the "logout" command, init will load and run the mingetty program again (the reason for the "respawn" command in the /etc/inittab file). The file "/etc/passwd" determines the shell to be used for the user who is logging in. This version of Linux uses the mingetty program, which is a minimal getty program used for virtual terminals. On some systems, and traditionally on Unix systems, the getty program is used, which has more capabilities. In this section, the getty program is described, but you should be aware that many of the special features of getty will not apply to mingetty.

Note that network logins are handled differently than console logins, since it is impractical to have a getty provided for each potential network login. Network logins are normally handled through the Internet super daemon, inetd, using either the telnet or rlogin communication protocol. The telnet daemon will invoke the login program when the session starts, then, if successful, the login program will invoke the user's shell.

Getty

Getty performs the following functions:

1. Open tty lines and set their modes.
2. Print the login prompt and get the user's name.
3. Begin a login process for the user.

A detailed analysis: at startup, it parses its command line, then reads its default file, usually "/etc/conf.getty", to determine runtime values. After setting up the line or virtual line, getty outputs the contents of the "/etc/issue" file. Then getty reads the user's name and invokes login with the user's name as an argument. While reading the user's name, getty attempts to adapt the system to the speed of the terminal being used, and also sets certain terminal parameters to conform with the user's login procedure. See the termio man page.

The tty device used by getty is determined by the argument on the command line. This argument is normally determined by the entry in /etc/inittab. The speed argument is a label to an entry in the "/etc/gettydefs" file. This entry defines the initial speed and tty settings, the login prompt to be used, the final speed and tty settings, and a pointer to another entry to try if the user indicates the speed is not correct. This is done by sending a break character. Getty scans the gettydefs file looking for a matching entry to the speed. The first entry is used if no speed is given or no match is found.

The type argument names the type of terminal attached to the line, such as 3101. The type should be a valid name listed in the termcap database. Getty uses this value to determine how to clear the display and sets the environment variable "TERM" to the contents of this value. On most Linux systems, this value will be "linux". The lined argument describes the line discipline to use. The default is "LDISC0".

During its startup, getty looks for the file "/etc/conf.getty.line" or "/etc/conf.getty". It reads the contents for lines of the form "NAME=value". The name strings are listed below:

SYSTEM=name - sets the nodename value. The default is the value returned by uname(3), which returns your system information, usually "Linux".
VERSION=string - sets the @V parameter to the value of the string or the contents of the file (if the string begins with "/") pointed to by the string.
LOGIN=name - the name of the login program to be run when the user enters their name. The default is /bin/login.
INIT=string - a string used to initialize the line before being used by getty.
ISSUE=string - this string is typed rather than the contents of the /etc/issue file.
CLEAR=value
HANGUP=value
WAITCHAR=value
DELAY=seconds
TIMEOUT=number
CONNECT=string
WAITFOR=string
ALTLOCK=line
ALTLINE=line
RINGBACK=value
SCHED=range1 range2 range3
OFF=string
FIDO=string
EMSI=value

These commands are explained better in the getty(1m) man page.

Login

The login program will prompt for the user name if no argument is given on the command line.

If the file "/etc/nologin" exists and the user is not root, the contents of the "/etc/nologin" file are printed to the screen and the login is terminated. If special access restrictions are specified for the user logging in in the file "/etc/usertty", the restrictions must be met or the login will be denied and the program will syslog the attempt. If the user is root, the login must be on a terminal listed in the file "/etc/securetty".

If the above conditions are met, the user password will be requested and then it will be checked (if a password is required for this username). After three unsuccessful attempts to log in, the response gets very slow. As usual, all login failures are reported by the syslog facility. If the file ".hushlogin" exists in the user's home directory, then a "quiet" login is performed, which disables the checking of mail and the printing of the last login time and the message of the day. Otherwise, if the file "/var/log/lastlog" exists, the last login time is printed and then the current login is recorded in this file. Is the current login recorded in this file if it does not already exist or if the file ".hushlogin" exists? I think it does, but have found no documentation that says so.

At this point the login program will perform standard administrative tasks. These include:

1. Setting the UID and GID of the tty.
2. Preserving the TERM environment variable if it exists.
3. Preserving environment variables if the -p option is used.
4. The HOME, PATH, SHELL, TERM, MAIL, and LOGNAME environment variables are set. The default path is set to "/usr/local/bin:/bin:/usr/bin:." for normal users and "/sbin:/bin:/usr/sbin" for root.
5. If this isn't a "quiet" login, the message of the day is printed, and the file with the user's name in "/usr/spool/mail" will be checked and a message will be printed if it has non-zero length.
6. The user's shell is started. The shell is specified in the file "/etc/passwd". If it is not specified, login will use "/bin/sh" as a default shell. This shell is run with the user's privileges rather than the root privileges that login runs with. If there is no directory specified for the user in "/etc/passwd", login will use "/" by default for the user's home directory.

Another function that login will perform is to update the user accounting login files, "/var/run/utmp" and "/var/log/wtmp", which hold information about the amount of time users have been on the system along with when they logged on and off. The init program and getty may also write to these files.

How login uses the /etc/passwd file:

Once the user has successfully logged in, the login program will invoke the user's shell. The login program will look at the /etc/passwd file to determine which shell program to run. The /etc/passwd file contains entries containing the complete path of the shell. A sample /etc/passwd file is listed below:

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:
daemon:x:2:2:daemon:/sbin:
adm:x:3:4:adm:/var/adm:
lp:x:4:7:lp:/var/spool/lpd:
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:
news:x:9:13:news:/var/spool/news:
uucp:x:10:14:uucp:/var/spool/uucp:
operator:x:11:0:operator:/root:
games:x:12:100:games:/usr/games:
gopher:x:13:30:gopher:/usr/lib/gopher-data:
ftp:x:14:50:FTP User:/home/ftp:
nobody:x:99:99:nobody:/:
xfs:x:100:101:X Font Server:/etc/X11/fs:/bin/false
gdm:x:42:42::/home/gdm:/bin/bash
postgres:x:40:233:PostgreSQL Server:/var/lib/pgsql:/bin/bash
squid:x:23:23::/var/spool/squid:/dev/null
mark:x:500:500::/home/mark:/bin/bash
george:x:501:501::/home/george:/bin/bash

The syntax is:

account:password:UID:GID:GECOS:directory:shell

Where the fields are defined as:

account - the user's name.
password - the user's encrypted password, or a placeholder character if the system is using shadow passwords and storing the password in the /etc/shadow file, which is readable only by root.
UID - the user's numerical identification.
GID - the number of the primary group for the user.
GECOS - usually has the full user name. This is for information purposes only and is optional. This information is sometimes called the user's finger information.
directory - the full path of the user's home directory.
shell - the full path and filename of the user's shell. If no value is here, /bin/sh is assumed. This value can be changed with the chsh command.

The login program will use the account field to find the username and therefore get the UID of the user. Login will also use the password field (or the /etc/shadow file) to be sure the entered password is a match. Login will look up the user's home directory and use this to set the $HOME environment variable. Login will use the shell field to determine what shell program (such as bash, sh, tsh, etc.) to run for that user. Then login passes control to the shell program. There is an important difference in the control passed at this point, however! The shell program will run with the user's privileges and not with root privileges. The programs to this point (init, getty, login) have all run with root privileges.
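The following audit of /etc/passwd entries applies the rules described above (shadow placeholder in the password field, /bin/sh and "/" as fallbacks, UID taken from the entry). It is an added example, not code from the original page; the sample entries, the DUMMYHASH placeholder and the set of placeholder password values are assumptions made for illustration.

```python
# Constructed sample entries (not from a real system); DUMMYHASH is a placeholder.
SAMPLE = """\
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:
sync:x:5:0:sync:/sbin:/bin/sync
toor:x:0:0::/root:/bin/bash
legacy:DUMMYHASH:502:502:::/bin/bash
mark:x:500:500::/home/mark:/bin/bash
broken:x:abc:1
"""
FIELDS = ("account", "password", "uid", "gid", "gecos", "directory", "shell")
SHADOW_MARKERS = {"x", "*", "!", "!!"}  # assumed placeholder / locked values

def parse_passwd(text):
    """Yield (entry, raw_line); entry is None when the line is malformed."""
    for raw in text.splitlines():
        if not raw.strip():
            continue
        parts = raw.split(":")
        if len(parts) != 7 or not (parts[2].isdecimal() and parts[3].isdecimal()):
            yield None, raw
            continue
        entry = dict(zip(FIELDS, parts))
        entry["uid"], entry["gid"] = int(parts[2]), int(parts[3])
        yield entry, raw

def audit(text):
    """Return (account, finding) tuples in file order."""
    findings = []
    for e, raw in parse_passwd(text):
        if e is None:
            findings.append((raw.split(":")[0], "malformed entry"))
            continue
        name = e["account"]
        if e["uid"] == 0 and name != "root":
            findings.append((name, "UID 0 account other than root"))
        if e["password"] == "":
            findings.append((name, "empty password field"))
        elif e["password"] not in SHADOW_MARKERS:
            findings.append((name, "password hash in world-readable passwd"))
        if e["shell"] == "":
            findings.append((name, "no shell set, login falls back to /bin/sh"))
        if e["directory"] == "":
            findings.append((name, "no home directory, login falls back to /"))
    return findings

if __name__ == "__main__":
    for account, finding in audit(SAMPLE):
        print(f"{account}: {finding}")
```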

Files used by the login program:

/etc/nologin - this file is used to prevent users who are not root from logging into the system.
/etc/usertty - this file is used to impose special access restrictions on users.
/etc/securetty - controls the terminals that the root user can log in on.
.hushlogin - when this file exists in the user's home directory, it will prevent the check for mail, the printing of the last login time, and the message of the day when the user logs in.
/var/log/lastlog - contains information about the last time a login was done on the system.
/etc/passwd - contains information about the user including the ID, name, home directory, and the path to the preferred shell program. If not using shadow passwords, this file may also contain user passwords.
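The accounting files /var/run/utmp and /var/log/wtmp mentioned earlier are arrays of fixed-size binary records, and pairing login and logout records per terminal line gives the session times. This added example (not from the original page) assumes the 384-byte struct utmp layout glibc uses on x86-64 Linux; the helper names and the sample records are constructed for illustration.

```python
import struct
from collections import namedtuple

# Assumption: glibc's struct utmp on x86-64 Linux, 384 bytes, little-endian.
UTMP = struct.Struct("<h2xi32s4s32s256shhiii4i20x")
USER_PROCESS, DEAD_PROCESS = 7, 8  # ut_type values for login and logout
Rec = namedtuple("Rec", "type pid line user host sec")

def _text(raw):
    """Decode a NUL-padded fixed-width field."""
    return raw.split(b"\0", 1)[0].decode("ascii", "replace")

def parse(buf):
    """Decode every complete record; a truncated tail is ignored."""
    recs = []
    for off in range(0, len(buf) - UTMP.size + 1, UTMP.size):
        f = UTMP.unpack_from(buf, off)
        recs.append(Rec(f[0], f[1], _text(f[2]), _text(f[4]), _text(f[5]), f[9]))
    return recs

def sessions(recs):
    """Pair each login with the next logout on the same line.

    Returns (user, line, host, seconds); seconds is None if still logged in.
    """
    live, closed = {}, []
    for r in recs:
        if r.type == USER_PROCESS:
            live[r.line] = r
        elif r.type == DEAD_PROCESS and r.line in live:
            start = live.pop(r.line)
            closed.append((start.user, start.line, start.host, r.sec - start.sec))
    return closed + [(r.user, r.line, r.host, None) for r in live.values()]

def make_record(typ, pid, line, user, host, sec):
    """Build one record for the constructed sample below."""
    return UTMP.pack(typ, pid, line.encode(), b"", user.encode(),
                     host.encode(), 0, 0, 0, sec, 0, 0, 0, 0, 0)

# Constructed sample, not real log data; 192.0.2.10 is a documentation address.
SAMPLE = b"".join([
    make_record(USER_PROCESS, 811, "tty1", "mark", "", 1000),
    make_record(USER_PROCESS, 902, "pts/0", "george", "192.0.2.10", 1200),
    make_record(DEAD_PROCESS, 811, "tty1", "", "", 4600),
])

if __name__ == "__main__":
    for row in sessions(parse(SAMPLE)):
        print(row)
```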
