08-30-2001
newbie questions...
1. someuser@somehost is a repersentation of a
user's id at (@) some host BUT it normally
represents an email address and does not
necessarily mean the user has anything but
an email account on that server. In other
words, it has nothing to do with telnet access.
2. you would use the "su" command to change to
another user assuming you have that user's
password. Check the man page su(1).
I hope this answers your questions. I'm sure
it creates more
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Even though I have been logging in to a UNIX shell at school to complete school projects and write programs, but I had never really worked in UNIX environment. But a couple of weeks back I got hooked on to Solaris 9OE, read a book, a tutorial, a document provided on the Sun Microsystems website,... (1 Reply)
Discussion started by: init-5
1 Replies
2. Shell Programming and Scripting
I am relatively new to both KSH and Unix scripting, and I would like some help getting my script up and running. I would like to have the script attempt various commands (tar, copy, gzip etc) and then write the results (error msg or success msg) to a temp file. I would then like an email sent to... (2 Replies)
Discussion started by: mharley
2 Replies
3. Linux
I have been an apple customer for years now, and am not satisfied with the direction that they are going. So I just ordered my first PC notebook the other day. I have no desire to use windows, however with microsoft's hold on the market, I feel that I may have a hard time doing this. I want to... (2 Replies)
Discussion started by: Brycemb16
2 Replies
4. UNIX for Dummies Questions & Answers
Hi Unix gurus,
I know these are some easy questions.
But i just want to be sure about them.
Hope someone can help explain the following please?
1) if ]
- What does the "-r" means?
2) isql -U $DBUSER -D $DBNAME -S $DSQUERY -w 1000 -s";" << testfile > $FILE
- What does the -s";" mean and... (1 Reply)
Discussion started by: gholdbhurg
1 Replies
5. UNIX for Dummies Questions & Answers
Hello,
I want to learn LISP, and I have a GNU/Linux OS. I first sought a LISP compiler/interpreter and was told that GNU Emacs has a LISP mode. But I couldn't get into LISP mode, nor I don't know how to use it when I get into LISP mode.
How can I run LISP code under GNU Emacs?
And if... (1 Reply)
Discussion started by: rayne
1 Replies
6. Solaris
Hello everyone, I am brand spanking new to both Solaris and Unix. I thought I would give it a go after buying a SB2500 off ebay for a few hundred dollars.
I am having some issues that I am not sure how to correct, and I am wondering if I can get a few pointers?
The first one is that my system... (2 Replies)
Discussion started by: GeekMasterFlash
2 Replies
7. Shell Programming and Scripting
Hi,
So I started to learn perl a few days ago, and I have some problems...
One of my problems...
#!C:\Perl64\bin\perl.exe -w
use LWP::Simple;
print "Content-Type: Text/Plain\n\n";
sub pagelinks {
return @all = get($_) =~ /href\s*=\s*"?(+)/gis;
}
@a =... (5 Replies)
Discussion started by: byte1918
5 Replies
8. UNIX for Dummies Questions & Answers
I entered a command at the prompt and it's interactive (not background). It gathers some stats and writes them to a file. I want to see this job running and what it's doing - I/O especially and maybe CPU and stuff. What can do to see this (say using a second session?)
I know it's a long job but... (3 Replies)
Discussion started by: ido1957
3 Replies
9. AIX
Hi Guys, I am new in this forum and new with AIX however not new with Power System. I have worked with iSeries for many years. Now supporting AIX on Power.
Here are some basic questions I have.
1. I am using Putty to connect from my PC to the AIX boxes. Is there any other (better) program to... (6 Replies)
Discussion started by: 300zxmuro
6 Replies
LEARN ABOUT SUSE
krb5_auth_rules
krb5_auth_rules(5) Standards, Environments, and Macros krb5_auth_rules(5)
NAME
krb5_auth_rules - Overview of Kerberos V5 authorization
DESCRIPTION
When a user uses kerberized versions of the ftp, rdist, rcp, rlogin, rsh, or telnet clients to connect to a server, even if the user's
claimed Kerberos V5 identity is authenticated, the user is not necessarily authorized. Authentication merely proves that the user is "who
he says he is" to the Kerberos V5 authentication system. Authorization also needs to be done, since it determines if that Kerberos identity
is permitted to access the Solaris user account that the client wants to access.
Each user may have a private authorization list in a file ~/.k5login in his login directory (on the server). Each line in this file should
contain a Kerberos principal name of the form principal/instance@realm. If the server finds a ~/.k5login file, then access is granted to
the account if and only if the originating user is authenticated to one of the principals named in the ~/.k5login file.
If there is no ~/.k5login file, the originating user will then be checked against the gsscred table (see gsscred(1M)). If the originating
user's Kerberos V5 identity is in the gsscred table, and if the UNIX user id in the gsscred table corresponds to the user account the
client is trying access, then the originating user is granted access to the account on the server. If the UNIX user id does not match, then
the originating user is denied access.
For example, suppose the originating user has a principal name of jdb@ENG.ACME.COM and the target account is jdb-user. If jdb@ENG.ACME.COM
appears in the gsscred table with uid 23154 and if jdb-user appears in the user account database (see passwd(4)) with uid 23154, then
access to account jdb-user is granted. Of course, normally, the target account name in this example would be jdb and not jdb-user.
Finally, if there is no ~/.k5login file and if the originating user's Kerberos V5 identity is not in the gsscred table, then the user will
be granted access to the account if and only if all of the following are true:
o The user part of the authenticated principal name is the same as the target account name specified by the client.
o The realm part of the client and server are the same.
o The target account name exists on the server.
For example, if the originating user has a principal name of jdb@ENG.ACME.COM and if the server is in realm SALES.ACME.COM, then even if
jdb is a valid account name on the server, the client would be denied access. This is because the realms SALES.ACME.COM and ENG.ACME.COM
differ.
FILES
~/.k5login Per user-account authorization file.
/etc/passwd System account file. This information may also be in a directory service. See passwd(4).
ATTRIBUTES
See attributes(5) for a description of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
SEE ALSO
ftp(1), rcp(1), rdist(1), rlogin(1), rsh(1), telnet(1), gsscred(1M), passwd(4), attributes(5), gss_auth_rules(5)
NOTES
To avoid security problems, the ~/.k5login file must be owned by the remote user.
SunOS 5.10 13 Apr 2004 krb5_auth_rules(5)