Linux Login
There are three ways to log into a Linux system once it is running:
- Locally via a character-mode connection. This could be the
system console, pseudo-terminals (accessed from the system
console) or real terminals connected (possibly through a modem)
to a serial line.
- Locally or remotely via a graphic interface.
- Remotely via some protocol such as rsh, ssh, or telnet.
Each of these cases is described below.
- For local non-graphic interfaces:
- For any local non-graphic interface, the program /sbin/getty (or sometimes /sbin/mingetty) is run. getty is started from an entry in /etc/inittab under the SysV version of init, and from a startup config file (one for each terminal) under Upstart. In systemd, each tty device is represented by a symbolic link to getty@.service.
- getty issues a login prompt (or waits for a connection on a modem and then
issues a login prompt) on the stdout device.
- When a username is entered, getty does an exec to /bin/login. login
reads and validates the password and then does an exec to the shell
program specified for the logged-in user in /etc/passwd.
- When the user logs off, getty detects the process termination and
resets the terminal for a new connection.
- For GUI Interfaces:
The initiation of the GUI subsystem is done by starting a display manager, usually either GDM (Gnome) or KDM (KDE).
The method of selecting and starting the display manager depends on which version of init is running:
- System V init:
init runs the script prefdm which decides on the preferred display
manager based on an entry in the file /etc/sysconfig/desktop. If a
value is found, the corresponding display manager is started.
Otherwise the first found display manager is started in the order
gdm (for Gnome), kdm, or xdm.
What happens next depends on which display manager is selected.
Let's assume Gnome is selected.
gdm (/usr/bin/gdm) is a script that simply invokes /etc/profile to
set system-wide environment settings, and then runs gdm-binary.
- Upstart init:
Which display manager starts depends on which configuration file is in the /etc/init directory. In the case of GDM it is /etc/init/gdm.conf. That file contains a short script that replaces /usr/bin/gdm, described above for SysV init. The conf file then directly starts gdm-binary.
- Systemd init:
The display manager is started by display-manager.service. In this case gdm is a binary, not a script.
The gdm binary then starts X. (Yes, "X" is really the name of a program.) X is the X Window System server that controls the screen. gdm then starts the gdm-greeter, which puts up the login screen.
- For Network Interfaces:
Most modern Linux distributions no longer support telnet or rsh in their out-of-box configurations, so we'll use ssh as the example. If a user installs Telnet or rsh, the login mechanism is essentially the same for them as is described for ssh below.
During system initialization, the init process starts a daemon for ssh, called sshd. sshd then listens on a network port for connection requests. When a request is received, sshd forks a copy of itself to handle the new connection. That copy then authenticates the user. Authentication can be done either with a private/public key pair or by having the ssh client prompt the user for a password. (The ssh client is started by the user on their own computer.) Both the original sshd process on the server and its copy run as root (the super user). Assuming the authentication succeeds, the copy spawns a second copy running as the just-authenticated user. This second copy then creates a new process running the user's preferred shell program (as specified in the password file, /etc/passwd).
Once the user has been logged in, the system does an initialization of the user's environment.
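Both the getty/login path and the sshd path end by starting the shell named in the user's /etc/passwd entry, so that field decides which accounts get an interactive session. The following is an added example, not part of the original page: it audits passwd-format text for accounts that would be handed a shell. The sample data is constructed, and the uid_min=1000 boundary for system accounts, the list of non-login shells and the comparison against /etc/shells are assumptions of this example.

```python
"""Audit passwd(5)-format text for accounts that login or sshd would give a shell."""

# Assumed set of shells that refuse an interactive session.
NOLOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false", "/usr/bin/false"}

# Constructed sample data, not taken from a real system.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
backup:x:34:34:backup:/var/backups:/bin/sh
toor:x:0:0:second root:/root:/bin/sh
bob:x:1001:1001:Bob:/home/bob:
svc:x:998:998::/opt/svc:/opt/svc/run.sh
"""
SAMPLE_SHELLS = "# constructed /etc/shells content\n/bin/sh\n/bin/bash\n"


def audit_passwd(passwd_text, shells_text, uid_min=1000):
    """Return (account, finding) pairs for entries that end in a usable shell."""
    valid = {s.strip() for s in shells_text.splitlines()
             if s.strip() and not s.startswith("#")}
    findings = []
    for n, line in enumerate(passwd_text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:  # name:passwd:UID:GID:GECOS:home:shell
            findings.append((f"line {n}", "malformed entry"))
            continue
        name, _pw, uid, _gid, _gecos, _home, shell = fields
        shell = shell or "/bin/sh"  # an empty shell field defaults to /bin/sh
        if shell in NOLOGIN_SHELLS:
            continue  # a login ends immediately, nothing to report
        if uid == "0" and name != "root":
            findings.append((name, "UID 0 account other than root has a login shell"))
        elif uid.isdigit() and 0 < int(uid) < uid_min:
            findings.append((name, f"system account (UID {uid}) has login shell {shell}"))
        if shell not in valid:
            findings.append((name, f"shell {shell} is not listed in /etc/shells"))
    return findings


if __name__ == "__main__":
    for account, finding in audit_passwd(SAMPLE_PASSWD, SAMPLE_SHELLS):
        print(f"{account}: {finding}")
```

On a real host, pass the contents of /etc/passwd and /etc/shells instead of the sample strings and set uid_min to the distribution's value.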