Visit Our UNIX and Linux User Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

matrix.conf(4) [osf1 man page]

matrix.conf(4)						     Kernel Interfaces Manual						    matrix.conf(4)

NAME
matrix.conf - SIA (Security Integration Architecture) configuration file DESCRIPTION
The matrix.conf file provides the means to configure the SIA security mechanisms for security sensitive commands. Each security mechanism provider should either use the siacfg command to update the matrix.conf file or provide a new matrix.conf file to support their security product. The operating system is provided with a default BSDmatrix.conf file. When the sysman secconfig utility is run to enable enhanced security, the operating system modifies the matrix.conf file to use the enhanced security mechanism. See the EXAMPLES section for samples of the default files. The commands affected by the SIA mechanism and matrix.conf file include: rshd ftpd chfn chsh su login passwd The Security manual contains a detailed description of the SIA programming interface and as well as a description of the administration of the associated /etc/sia/matrix.conf files. EXAMPLES
The following is the default BSD (Base) security mechanism /etc/sia/matrix.conf file: # # sia matrix configuration file (BSD only) # siad_init=(BSD,libc.so) siad_chk_invoker=(BSD,libc.so) siad_ses_init=(BSD,libc.so) siad_ses_authent=(BSD,libc.so) siad_ses_estab=(BSD,libc.so) siad_ses_launch=(BSD,libc.so) siad_ses_suauthent=(BSD,libc.so) siad_ses_reau- thent=(BSD,libc.so) siad_chg_finger=(BSD,libc.so) siad_chg_password=(BSD,libc.so) siad_chg_shell=(BSD,libc.so) siad_getpwent=(BSD,libc.so) siad_getpwuid=(BSD,libc.so) siad_getpwnam=(BSD,libc.so) siad_setpwent=(BSD,libc.so) siad_endpwent=(BSD,libc.so) siad_getgrent=(BSD,libc.so) siad_getgrgid=(BSD,libc.so) siad_getgrnam=(BSD,libc.so) siad_setgrent=(BSD,libc.so) siad_endgrent=(BSD,libc.so) siad_ses_release=(BSD,libc.so) siad_chk_user=(BSD,libc.so) The following is the default enhanced security (C2) mechanism /etc/sia/matrix.conf file: siad_init=(BSD,libc.so) siad_chk_invoker=(OSFC2,/usr/shlib/libsecurity.so) siad_ses_init=(OSFC2,/usr/shlib/libsecurity.so) siad_ses_authent=(OSFC2,/usr/shlib/libsecurity.so) siad_ses_estab=(OSFC2,/usr/shlib/libsecurity.so) siad_ses_launch=(OSFC2,/usr/shlib/lib- security.so) siad_ses_suauthent=(OSFC2,/usr/shlib/libsecurity.so) siad_ses_reauthent=(OSFC2,/usr/shlib/libsecurity.so) siad_chg_fin- ger=(OSFC2,/usr/shlib/libsecurity.so) siad_chg_password=(OSFC2,/usr/shlib/libsecurity.so) siad_chg_shell=(OSFC2,/usr/shlib/libsecurity.so) siad_getpwent=(BSD,libc.so) siad_getpwuid=(BSD,libc.so) siad_getpwnam=(BSD,libc.so) siad_setpwent=(BSD,libc.so) siad_endpwent=(BSD,libc.so) siad_getgrent=(BSD,libc.so) siad_getgrgid=(BSD,libc.so) siad_getgrnam=(BSD,libc.so) siad_setgrent=(BSD,libc.so) siad_endgrent=(BSD,libc.so) siad_ses_release=(OSFC2,/usr/shlib/libsecurity.so) siad_chk_user=(OSFC2,/usr/shlib/libsecurity.so) FILES
SIA configuration file RELATED INFORMATION
Commands: chfn(1), chsh(1), su(1), login(1), passwd(1), sialog(4), rshd(8), ftpd(8), secconfig(8), siacfg(8) Security delim off matrix.conf(4)

Check Out this Related Man Page

siad_getpwent(3)					     Library Functions Manual						  siad_getpwent(3)

NAME
siad_getpwent, siad_getpwuid, siad_getpwnam, siad_setpwent, siad_endpwent - password routines for SIA (Security Integration Architecture) LIBRARY
Standard C library (libc.so and libc.a) SYNOPSIS
#include <sia.h> #include <siad.h> int siad_getpwent( struct passwd *result, char *buffer, int buflen, FILE **context); int siad_getpwuid( uid_t uid, struct passwd *result, char *buffer, int buflen); int siad_getpwnam( char *name, struct passwd *result, char *buffer, int buflen); int siad_setpwent( FILE **context); int siad_endpwent( FILE **context); PARAMETERS
result The result parameter points to the location of the result. buffer The buffer parameter is a pointer to a buffer which holds the resultant struct passwd. This parameter is read only. buflen The buflen parameter is the length of the buffer in chars. This parameter are read only. uid The uid parameter is the user identifier (UID) for the request. This parameter are read only. name The name parameter is the user name for the request. This parameter are read only. context A pointer to the location that records which I/O stream is to be used. DESCRIPTION
This series of mechanism dependent routines is used access the corresponding getpw* series of calls. The actual result string is placed in the buffer provided and result points to the resultant struct passwd in the buffer. Values in the passwd structure may be changed by the siad_*pw* routines. siad_getpwent() The siad_getpwent routine is called indirectly (by the sia_switch function) from the sia_getpass() routine to do libc and libc_r getpwent and getpwent_r processing. The result buffer is always allocated and a lock is taken out when thread safety is required. siad_getpwuid() This routine is called indirectly (by the sia_switch function) by sia_getpass() to process libc and libc_r getpwuid() and getpwuid_r() requests. siad_getpwnam() This routine is called indirectly (by the sia_switch function) by sia_getpass to process the libc and libc_r getpwnam() and getpwnam_r() requests. siad_setpwent() This routine is called to initialize a series of getpwent calls. Such initialization might be the opening of a file or the contacting of a service. siad_endpwent() This routine is called to free up or release resources associated with the completion of a series of getpwent calls. RETURN VALUES
The siad_*pw*() routines return bitmapped values which indicate the following status: SIADSUCCESS Indicates unconditional success. All bits set to 0. SIADFAIL Indicates conditional failure. Lowest bit set to 1. If other security mechanism are in place, continue. SIADSTOP Indicates unconditional failure. Do not continue. Second lowest bit set to 1. ERRORS
The errno values are those returned from the dynamic loader interface, from the (siad_*) routines, or from malloc. Possible errors include resource constraints (no memory) and various authentication failures. FILES
/etc/passwd /etc/sia/matrix.conf RELATED INFORMATION
getpwent(3), matrix.conf(4) Security delim off siad_getpwent(3)

Featured Tech Videos