pkcs11_inspect(1) [centos man page]
pkcs11_inspect(1) PAM PKCS#11 pkcs11_inspect(1) NAME
pkcs11_inspect - print certificate contents SYNOPSIS
pkcs11_inspect [debug] [config_file=<filename>] DESCRIPTION
pkcs11_inspect uses the pam_pkcs11 library infrastructure to get the content of a certificate and display it. pkcs11_inspect uses the same configuration file and arguments than pam_pkcs11(8) PAM module. It loads defined mapper modules, and use them to look into the certificate for required entries (ie: ms_mapper looks for ms UPN entries, and so on). When a mapper module finds a proper entry in the certificate, it converts to UTF-8 and print it to stdout. OPTIONS
debug Enable debugging output. config_file=<filename> Sets the configuration file to use. Default value is /etc/pam_pkcs11/pam_pkcs11.conf. As it uses the same configuration file as pam_pkcs11, all pam_pkcs11 options are also available. Note that some of them have no sense in a non-PAM environment, so they will be ignored. Some mapper options (mapfile, ignorecase) have no effect on certificate contents, so they will be ignored too. RETURN VALUE
On success pkcs11_inspect prints on stdout all certificate contents that are found for mappers and returns 0. On error it returns 1. FILES
/etc/pam_pkcs11/pam_pkcs11.conf EXAMPLES
To run this program the standard way, insert a smart card in the reader and type: pkcs11_inspect Alternatively you can specify options: pkcs11_inspect debug config_file=${HOME}/.pam_pkcs11.conf AUTHORS
Juan Antonio Martinez <jonsito@teleline.es> SEE ALSO
pam_pkcs11(8), pklogin_finder(1) PAM-PKCS11 User Manual Juan Antonio Martinez Aug 2005 pkcs11_inspect(1)
Check Out this Related Man Page
pklogin_finder(1) User Commands pklogin_finder(1) NAME
pklogin_finder - map certificates into a user SYNOPSIS
/usr/lib/pam_pkcs11/pklogin_finder [debug] [config_file=filename] DESCRIPTION
pklogin_finder uses the pam_pkcs11 library infrastructure to interactively map a PKCS#11 provided certificate to a user. pklogin_finder uses the same configuration file and arguments than pam_pkcs11(5) PAM module. It loads defined mapper modules and tries to find a map between found certificates and a user login. OPTIONS
The following options are supported: config_file=fileame Set the configuration file. The default value is /etc/security/pam_pkcs11/pam_pkcs11.conf. debug Enable debugging output. The default is no debug. As it uses the same configuration file as pam_pkcs11(5), all of the pam_pkcs11 options are available. Some of these options make no sense in a non-PAM environment, and are therefore ignored. Some mapper options (mapfile, ignorecase) have no effect on certificate contents, and they are ignored as well. EXIT STATUS
The following exit values are returned: 0 Successful completion. pkcs11_inspect prints on stdout the login name and exits. 1 An error occurred. A user mapping error was found. 2 An error occurred. No user match was found. EXAMPLES
Example 1 Using pklogin_finder The following example runs the pklogin_finder command without any options: % pkcs11_inspect Example 2 Using pklogin_finder with Options The following example runs the pkcs_finder command with options: % pklogin_finder debug config_file=${HOME}/.pam_pkcs11.conf FILES
/etc/security/pam_pkcs11/pam_pkcs11.conf AUTHORS
Juan Antonio Martinez, jonsito@teleline.es ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWpampkcs11u, SUNWpamp- | | |kcs11r, SUNWpampkcs11-docs | +-----------------------------+-----------------------------+ |Interface Stability |Uncommitted | +-----------------------------+-----------------------------+ SEE ALSO
pkcs11_inspect(1), attributes(5), pam_pkcs11(5) PAM-PKCS11 User Manual, http://www.opensc-project.org/pam_pkcs11 SunOS 5.11 17 Jul 2008 pklogin_finder(1)