USERFILE(5)									      USERFILE(5)

       USERFILE - UUCP pathname permissions file

       The  USERFILE  file specifies the file system directory trees that are accessible to local
       users and to remote systems via UUCP.

       Each line in USERFILE is of the form:

       [loginname],[system] [ c ] pathname [pathname] [pathname]

       The first two items are separated by a comma; any number of spaces or  tabs  may  separate
       the  remaining  items.  Lines beginning with a `#' character are comments.  A trailing `\'
       indicates that the next line is a continuation of the current line.

       Loginname is a login (from /etc/passwd) on the local machine.

       System is the name of a remote machine, the same name used in L.sys(5).

       c denotes the optional callback field.  If a c appears here, a remote machine  that  calls
       in  will be told that callback is requested, and the conversation will be terminated.  The
       local system will then immediately call the remote host back.

       Pathname is a pathname prefix that is permissible for this login and/or system.

       When uucico(8) runs in master role or uucp(1) or uux(1) are run by local users, the permitted
       pathnames are those on the first line with a loginname that matches the name of the
       user who executed the command.  If no such line exists, then the first line  with  a  null
       (missing)  loginname  field is used.  (Beware: uucico is often run by the superuser or the
       UUCP administrator through cron(8).)

       When uucico runs in slave role, the permitted pathnames are those on the first line with a
       system  field  that  matches  the hostname of the remote machine.  If no such line exists,
       then the first line with a null (missing) system field is used.

       Uuxqt(8) works differently; it knows neither a login name nor a hostname.  It accepts  the
       pathnames  on the first line that has a null system field.  (This is the same line that is
       used by uucico when it cannot match the remote machine's hostname.)

       A line with both loginname and system null, for example

	      , /usr/spool/uucppublic

       can be used to conveniently specify the paths for both "no match" cases if  lines  earlier
       in  USERFILE did not define them.  (This differs from older Berkeley and all USG versions,
       where each case must be individually specified.  If neither case is defined earlier, a
       "null" line only defines the "unknown login" case.)
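
       The following is an added example, not part of the original manual page or of the UUCP
       sources: a small parser that applies the line-selection rules described above to a
       constructed USERFILE.  The function names, the sample entries and the plain string-prefix
       comparison are assumptions made for illustration.

```python
# Added example (not UUCP source): parse USERFILE, pick the line each role uses.
SAMPLE = """\
# constructed sample USERFILE
root,        /
uucp,hostA   /usr/spool/uucppublic \\
             /usr/src
,hostB c     /usr/spool/uucppublic
,            /usr/spool/uucppublic
"""

def parse_userfile(text):
    """Return a list of (loginname, system, callback, [pathname prefixes])."""
    entries, pending = [], ""
    for raw in text.splitlines():
        if not pending and raw.startswith("#"):      # comment line
            continue
        if raw.rstrip().endswith("\\"):              # continued on next line
            pending += raw.rstrip()[:-1] + " "
            continue
        fields, pending = (pending + raw).split(), ""
        if not fields:
            continue
        login, _, system = fields[0].partition(",")
        callback = len(fields) > 1 and fields[1] == "c"
        entries.append((login, system, callback, fields[2 if callback else 1:]))
    return entries

def select(entries, role, name=None):
    """role 'master' matches loginname, 'slave' matches system, 'uuxqt' neither."""
    col = 0 if role == "master" else 1
    if role != "uuxqt":
        for entry in entries:                        # first line that names it
            if entry[col] == name:
                return entry
    for entry in entries:                            # else first line, null field
        if entry[col] == "":
            return entry
    return None

def permitted(entry, path):
    # Assumption: plain string-prefix comparison, as "pathname prefix" suggests.
    return entry is not None and any(path.startswith(p) for p in entry[3])

if __name__ == "__main__":
    rules = parse_userfile(SAMPLE)
    for role, name in [("master", "root"), ("master", "alice"),
                       ("slave", "hostA"), ("slave", "hostC"), ("uuxqt", None)]:
        print(role, name, "->", select(rules, role, name))
```

       In the constructed sample the `root,' line has a null system field, so under the rules
       above it is also the line selected for an unmatched remote host and for uuxqt.  Moving the
       restrictive `,' line to the top changes both fallbacks without affecting the root login match.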

       To  correctly process loginname on systems that assign several logins per UID, the follow-
       ing strategy is used to determine the current loginname:

       1)     If the process is attached to a terminal, a login entry  exists  in  /var/run/utmp,
	      and  the  UID for the utmp name matches the current real UID, then loginname is set
	      to the utmp name.

       2)     If the USER environment variable is defined and the UID for this name  matches  the
	      current real UID, then loginname is set to the name in USER.

       3)     If  both of the above fail, call getpwuid(3) to fetch the first name in /etc/passwd
	      that matches the real UID.

       4)     If all of the above fail, the utility aborts.

       /etc/uucp/UUAIDS/USERFILE   USERFILE example

       uucp(1), uux(1), L.cmds(5), L.sys(5), uucico(8), uuxqt(8)

       The UUCP utilities (uucico, uucp, uux, and uuxqt) always have access  to  the  UUCP  spool
       files in /usr/spool/uucp, regardless of pathnames in USERFILE.

       If uucp is listed in L.cmds(5), then a remote system will execute uucp on the local system
       with the USERFILE privileges for its login, not its hostname.

       Uucico freely switches between master and slave roles during the course of a conversation,
       regardless of the role it was started with.  This affects how USERFILE is interpreted.

       USERFILE  restricts access only on strings that the UUCP utilities identify as being path-
       names.  If the wrong holes are left in other UUCP control files (notably L.cmds),  it  can
       be  easy  for an intruder to open files anywhere in the file system.  Arguments to uucp(1)
       are safe, since it assumes all of its non-option arguments are files.  Uux(1) cannot  make
       such assumptions; hence, it is more dangerous.

       The  UUCP Implementation Description explicitly states that all remote login names must be
       listed in USERFILE.  This requirement is not enforced by Berkeley UUCP, although it is  by
       USG UUCP.

       Early  versions of 4.2BSD uuxqt(8) erroneously check UUCP spool files against the USERFILE
       pathname permissions.  Hence, on these systems it is necessary to specify  /usr/spool/uucp
       as  a  valid  path on the USERFILE line used by uuxqt.  Otherwise, all uux(1) requests are
       rejected with a "PERMISSION DENIED" message.

4.3 Berkeley Distribution		November 27, 1996			      USERFILE(5)
