Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

siacfg(8) [osf1 man page]

siacfg(8)						      System Manager's Manual							 siacfg(8)

NAME
siacfg - Update a matrix.conf file for adding or removing SIA mechanisms SYNOPSIS
/usr/sbin/siacfg [-[arul]] [-g group_codes] [-[PA]] [-R other_mech] [-D] [-F matrix_file] name path FLAGS
Add a new mechanism. Mutually exclusive with -r, -u, and -l. Remove a mechanism. Mutually exclusive with -a, -u, and -l. The path parameter is optional when this flag is specified. Update a mechanism. Mutually exclusive with -a, -r, and -l. Used when a new version of a mechanism is installed which supports more of the entrypoints. Change the definition of the local mechanism. Mutually exclusive with -a, -r, and -u. This should only be used with the SIA mechanisms supplied by Compaq. Specify which functional groups are supported by the given mechanism. The functional groups are specified by the following characters for use with the -g option: The session routines (siad_ses_*(), siad_chk_invoker()). The *pwent routines (siad_setpwent(), siad_endpwent(), siad_getpwent(), siad_getpwuid(), siad_getpw- nam()). The *grent routines (siad_setgrent(), siad_endgrent(), siad_getgrent(), siad_getgrgid(), siad_getgrnam()). The change routines (siad_chk_user(), siad_chg_*()). The *init routine (siad_init()). The i code is not truly optional, and will be assumed even if it is not specified. It is provided as an option for the -g flag so that a mechanism which supports nothing else can be specified. It is an error to support the change routines without supporting the session rou- tines. If this flag is not specified, an attempt will be made to determine which routines are supported by the associated shared library by using dlopen() and dlsym() to find the corresponding entrypoints. Prepend. Only meaningful with -a, and mutually exclusive with -A. Specifies that this mechanism should be added as the very first one to be tried. This is the default behavior. Append. Only meaningful with -a, and mutually exclusive with -P. Specifies that this mechanism should be added as the very last non-local mechanism. Relative positioning. Only meaningful with -A or -P, this option modifies the meaning of those options to specify an insertion point relative to the specified other mechanism. For -A this will be immediately after it, and for -P it will be immediately before it. ARGUMENTS
The name to be associated with the given mechanism, such as DCE, BSD, OSFC2, ASDU, or AFS. The path to the shared library which contains the entry points for this mechanism. Required for all but the -r option. DESCRIPTION
The siacfg utility provides a way to update the /etc/sia/matrix.conf files without the errors which are likely during hand-editing. The use of this utility also prevents the proliferation of pre-built configuration files which result from trying to supply pre-built configu- rations in support of systems with BASE or ENHANCED security, with or without DCE, and with or without ASDU. EXAMPLES
An example of how to use this utility to convert from BASE to ENHANCED security: # siacfg -l -g isc OSFC2 /usr/shlib/libsecurity.so To add DCE SIA support to a system: # siacfg -a DCE /usr/shlib/libdcesiad.so To remove DCE from the matrix.conf file: # siacfg -r DCE To create a default BSD matrix.conf file: # siacfg -l BSD libc.so To create a default enhanced security matrix.conf file: # siacfg -l OSFC2 /usr/shlib/libsecurity.so FILES
Executable. SIA mechanism configuration file. RELATED INFORMATION
Files: matrix.conf(4) delim off siacfg(8)

Check Out this Related Man Page

siad_chg_finger(3)					     Library Functions Manual						siad_chg_finger(3)

NAME
siad_chg_finger, siad_chg_password, siad_chg_shell - Dependent SIA change routines (Security Integration Architecture) LIBRARY
Standard C library (libc.so and libc.a) SYNOPSIS
#include <sia.h> #include <siad.h> int siad_chg_finger( int (*collect)(), char *username, int argc, char *argv[]); int siad_chg_password( int (*collect)(), char *username, int argc, char *argv[]); int siad_chg_shell( int (*collect)(), char *username, int argc, char *argv[]); PARAMETERS
collect The collect parameter is a pointer to an SIA collection routine. If this pointer is NULL, no collection is possible. The col- lect parameter should never be NULL. This parameter is read only. Further input on SIA collection routines is available from the interface specifications in /usr/include/{sia,siad}.h. username The username parameter is used when a precollected username is available. The username parameter either points to the precol- lected username or is set to NULL if no username exists. This parameter is read only. argc The argc parameter is the number of arguments used when invoking the calling command or utility. This parameter are read only. argv The argv parameter is the array of arguments used when invoking the calling command or utility. The argv[0] variable must always be set to the calling commands name. This is used for logging or auditing of the password change function. DESCRIPTION
siad_chg_finger() This routine is called by sia_chg_finger() to accomplish processing associated with the chfn command with respect to a specific security mechanism. Only one siad_chg_finger() routine is called. No sequencing of multiple security mechanisms is attempted. siad_chg_password() This routine is called by sia_chg_password() to invoke a specific mechanisms change password function. Only one siad_chg_password() routine is called. This routine accomplishes the process commonly associated with the passwd command. No sequencing of multiple security mecha- nisms is attempted. siad_chg_shell() This routine is called by sia_chg_shell() to accomplish processing associated with the chsh command with respect to a specific security mechanism. Only one siad_chg_shell() routine is called. No sequencing of multiple security mechanisms is attempted. RETURN VALUES
The siad_ses_*() routines return bitmapped values which indicate the following status: SIADSUCCESS Indicates unconditional success. All bits set to 0. SIADFAIL Indicates conditional failure. Lowest bit set to 1. If other security mechanism are in place, continue. SIADSTOP Indicates unconditional failure. Do not continue. Second lowest bit set to 1. ERRORS
The errno values are those returned from the dynamic loader interface, from the (siad_*) routines, or from malloc. Possible errors include resource constraints (no memory) and various authentication failures. FILES
/etc/passwd /etc/sia/matrix.conf RELATED INFORMATION
sia_chg_finger(3), matrix.conf(4) Security delim off siad_chg_finger(3)
Man Page