This set of functions checks to see if login is allowed based on login
class capability entries in the login database,
function checks to see if the named tty is available to users of a specific
class, and is either in the
access list, and not in
list (or if no such capability exists for
the given login class) logins via any tty device are allowed unless
list exists and is non-empty, and the device or its
tty group (see
is not in the list.
Access to ttys may be allowed or restricted specifically by tty device
name, a device name which includes a wildcard (e.g. ttyD* or cuaD*),
or may name a ttygroup, when group=<name> tags have been assigned in
Matching of ttys and ttygroups is case sensitive.
or empty string as the
parameter causes the function to return a non-zero value.
function checks for any host restrictions for remote logins.
The function checks on both a host name and IP address (given in its
text form, typically n.n.n.n) against the
login class capabilities.
As with ttys and their groups, wildcards and character classes may be
used in the host allow and deny capability records.
function is used for matching, and the matching on hostnames is case
Note that this function expects that the hostname is fully expanded
(i.e., the local domain name added if necessary) and the IP address
is in its canonical form.
No hostname or address lookups are attempted.
It is possible to call this function with either the hostname or
the IP address missing (i.e.
and matching will be performed
only on the basis of the parameter given.
or empty strings in both parameters will result in
a non-zero return value.
function checks to see that a given time value is within the
login class capability and not within the
An empty or non-existent
list allows access at any
time, except if a given time is falls within a period in the
The format of time period records contained in both
capability fields is explained in detail in the