Linux Init, Getty, Login
The init process revisited
Recall that in the /etc/inittab file there were lines like this:
These lines cause init to spawn the mingetty process on runlevels 2 through 5 for tty1 and other terminals. To do this, init will use the "fork" function to make a new copy of itself and use an "exec" function to run the getty program. Getty will wait for the user, then read the username. Then init will use the "exec" function to run the login program, which will read the password (some documentation says getty invokes login with the user's name as an argument). If the password entered does not match for the user, init will load and run getty again. If the login is successful, init will use the "exec" function to run the shell program. When the shell exits through the "logout" command, init will load and run the getty program again. The shell is loaded by init or login, and the file "/etc/passwd" determines the shell to be used for the user.
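The fork, exec, wait and respawn cycle described above, as an added C example that is not part of the original page and is not init's own code. It assumes the hand-off mentioned in the parenthetical, where the running program execs its successor; two /bin/sh stages stand in for getty and the programs that follow it, and the exit status 3 is arbitrary.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

/* Stand-in for the getty -> login -> shell hand-off: the first sh replaces
 * itself (exec) with a second sh, which prints its own PID and exits 3. */
static const char CHAIN[] = "exec /bin/sh -c 'echo $$; exit 3'";

/* Fork one child, let it exec through CHAIN, and wait for it as init would.
 * Returns the exit status; *same_pid is 1 if the final program still ran
 * under the PID that fork() returned to the parent. */
int run_session(int *same_pid)
{
    int fds[2], status;
    char buf[32] = "";
    if (pipe(fds) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                       /* child: becomes the "getty" */
        dup2(fds[1], STDOUT_FILENO);
        close(fds[0]);
        close(fds[1]);
        execl("/bin/sh", "sh", "-c", CHAIN, (char *)NULL);
        _exit(127);                       /* only reached if exec failed */
    }
    close(fds[1]);
    if (read(fds[0], buf, sizeof buf - 1) < 0) buf[0] = '\0';
    close(fds[0]);
    if (waitpid(pid, &status, 0) < 0) return -1;   /* blocks until "logout" */
    *same_pid = (atol(buf) == (long)pid);
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* When a session ends, start the next one; returns sessions completed. */
int respawn(int rounds)
{
    int done = 0, same = 0;
    while (done < rounds && run_session(&same) == 3 && same)
        done++;
    return done;
}

int main(void)
{
    printf("sessions completed: %d\n", respawn(3));
}
```

Because exec replaces the program but keeps the process, the parent only has to wait on the one PID it forked to learn that the whole session has ended.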
Note that network logins are handled differently than console logins since it is impractical to have a getty provided for each potential network login. Network logins are handled through the internet super daemon, inetd, using either the telnet or rlogin communication protocol.
Getty performs the following functions:
- Open tty lines and set their modes
- Print the login prompt and get the user's name
- Begin a login process for the user
- At startup, it parses its command line, then reads its default file, usually "/etc/conf.getty", to determine runtime values. After setting up the "line", getty outputs the contents of the "/etc/issue" file. Then getty reads the user's name and invokes login with the user's name as an argument. While reading the user's name, getty attempts to adapt the system to the speed of the terminal being used, and also sets certain terminal parameters to conform with the user's login procedure. See the termio man page.
- The tty device used by getty is determined by the argument on the command line. The speed argument is a label to an entry in the "/etc/gettydefs" file. This entry defines the initial speed and tty settings, the login prompt to be used, the final speed and tty settings and a pointer to another entry to try if the user indicates that the speed is not correct. This is done by sending a break character.
- Getty scans the gettydefs file looking for a matching entry to the speed. The first entry is used if no speed was given or no match was found.
- The type argument names the type of terminal attached to the line such as 3101. The type should be a valid name listed in the termcap database. Getty uses this value to determine how to clear the video display and sets the environment variable "TERM" to the contents of this value.
- The lined argument describes the line discipline to use on the line. The default is "LDISC0".
During its startup, getty looks for the file "/etc/conf.getty.line" or "/etc/conf.getty". It reads the contents for lines with the form "NAME=value".
The login program will prompt for the user name if no argument is given on the command line.
If the file "/etc/nologin" exists and the user is not root, the contents of the "/etc/nologin" file are printed to the screen and the login is terminated. If special access restrictions are specified for the user in the file "/etc/usertty", the restrictions must be met or the login will be denied and the program syslog will log the attempt. If the user is root, the login must be on a terminal listed in the file "/etc/securetty".
If the above conditions are met, the user password will be requested and then it will be checked (if a password is required for this username). After three unsuccessful attempts to log in, the response gets very slow, and after 10 attempts, login dies. As usual, all login failures will be reported by the syslog facility. If the file ".hushlogin" exists in the user's home directory, then a "quiet" login is performed, which disables checking of mail and the printing of the last login time and the message of the day. Otherwise, if the file "/var/log/lastlog" exists, the last login time is printed and then the current login is recorded in this file. Is the current login recorded in this file if it does not already exist or if the file ".hushlogin" exists?
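The "/etc/nologin" and "/etc/securetty" checks that come before the password prompt, as an added C example that is not part of the original page and is not login's own source. The file paths under /tmp, the sample contents and the function names are constructed; root is identified by user name, an unreadable terminal list denies root by this example's choice, and "/etc/usertty" is left out because the page does not describe its format.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

enum gate { ASK_PASSWORD, DENY_NOLOGIN, DENY_ROOT_TTY };

/* 1 if `tty` is a whole line of the securetty-style file at `path`.
 * Example's choice: a list that cannot be opened lists nothing. */
static int tty_listed(const char *path, const char *tty)
{
    char line[128];
    int found = 0;
    FILE *f = fopen(path, "r");
    if (!f) return 0;
    while (!found && fgets(line, sizeof line, f)) {
        line[strcspn(line, " \t\r\n")] = '\0';   /* drop the newline */
        found = strcmp(line, tty) == 0;          /* exact: tty1 is not tty10 */
    }
    fclose(f);
    return found;
}

/* The checks made before a password is requested. Root is identified
 * by user name here to keep the example short. */
enum gate login_gate(const char *nologin, const char *securetty,
                     const char *user, const char *tty)
{
    int is_root = strcmp(user, "root") == 0;
    if (!is_root && access(nologin, F_OK) == 0) return DENY_NOLOGIN;
    if (is_root && !tty_listed(securetty, tty)) return DENY_ROOT_TTY;
    return ASK_PASSWORD;
}

/* Write a constructed sample file so nothing under /etc is touched. */
int write_sample(const char *path, const char *text)
{
    FILE *f = fopen(path, "w");
    if (!f) return -1;
    fputs(text, f);
    return fclose(f);
}

int main(void)
{
    const char *st = "/tmp/securetty.sample", *nl = "/tmp/nologin.absent";
    write_sample(st, "tty1\ntty2\n");            /* constructed sample list */
    printf("root@tty1=%d root@pts/0=%d\n",
           login_gate(nl, st, "root", "tty1"), login_gate(nl, st, "root", "pts/0"));
}
```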
At this point the login program will perform standard administrative tasks. These include:
- Setting the UID and GID of the tty.
- Preserving the TERM environment variable if it exists.
- Preserving other environment variables if the -p option is used.
- The HOME, PATH, SHELL, TERM, MAIL, and LOGNAME environment variables are set.
- The default path is set to "/usr/local/bin:/bin:/usr/bin:." for normal users and "/sbin:/bin:/usr/sbin" for root.
- If this is not a "quiet" login, the message of the day is printed and the file with the user's name in "/usr/spool/mail" will be checked and a message will be printed if it has non-zero length.
- The user's shell is started. The shell is specified in the file "/etc/passwd". If it is not specified, login will use "/bin/sh" as a default shell.
- If there is no directory specified for the user in "/etc/passwd", login will use "/" by default for the user's home directory.