siacfg(8) System Manager's Manual siacfg(8)
NAME
siacfg - Update a matrix.conf file for adding or removing SIA mechanisms
SYNOPSIS
/usr/sbin/siacfg [-[arul]] [-g group_codes] [-[PA]] [-R other_mech] [-D] [-F matrix_file] name path
FLAGS
Add a new mechanism. Mutually exclusive with -r, -u, and -l. Remove a mechanism. Mutually exclusive with -a, -u, and -l. The path
parameter is optional when this flag is specified. Update a mechanism. Mutually exclusive with -a, -r, and -l. Used when a new version
of a mechanism is installed which supports more of the entrypoints. Change the definition of the local mechanism. Mutually exclusive with
-a, -r, and -u. This should only be used with the SIA mechanisms supplied by Compaq. Specify which functional groups are supported by the
given mechanism. The functional groups are specified by the following characters for use with the -g option: The session routines
(siad_ses_*(), siad_chk_invoker()). The *pwent routines (siad_setpwent(), siad_endpwent(), siad_getpwent(), siad_getpwuid(), siad_getpw-
nam()). The *grent routines (siad_setgrent(), siad_endgrent(), siad_getgrent(), siad_getgrgid(), siad_getgrnam()). The change routines
(siad_chk_user(), siad_chg_*()). The *init routine (siad_init()).
The i code is not truly optional, and will be assumed even if it is not specified. It is provided as an option for the -g flag so that a
mechanism which supports nothing else can be specified. It is an error to support the change routines without supporting the session rou-
tines.
If this flag is not specified, an attempt will be made to determine which routines are supported by the associated shared library by using
dlopen() and dlsym() to find the corresponding entrypoints. Prepend. Only meaningful with -a, and mutually exclusive with -A. Specifies
that this mechanism should be added as the very first one to be tried. This is the default behavior. Append. Only meaningful with -a,
and mutually exclusive with -P. Specifies that this mechanism should be added as the very last non-local mechanism. Relative positioning.
Only meaningful with -A or -P, this option modifies the meaning of those options to specify an insertion point relative to the specified
other mechanism. For -A this will be immediately after it, and for -P it will be immediately before it.
ARGUMENTS
The name to be associated with the given mechanism, such as DCE, BSD, OSFC2, ASDU, or AFS. The path to the shared library which contains
the entry points for this mechanism. Required for all but the -r option.
DESCRIPTION
The siacfg utility provides a way to update the /etc/sia/matrix.conf files without the errors which are likely during hand-editing. The
use of this utility also prevents the proliferation of pre-built configuration files which result from trying to supply pre-built configu-
rations in support of systems with BASE or ENHANCED security, with or without DCE, and with or without ASDU.
EXAMPLES
An example of how to use this utility to convert from BASE to ENHANCED security:
# siacfg -l -g isc OSFC2 /usr/shlib/libsecurity.so
To add DCE SIA support to a system:
# siacfg -a DCE /usr/shlib/libdcesiad.so
To remove DCE from the matrix.conf file:
# siacfg -r DCE
To create a default BSD matrix.conf file:
# siacfg -l BSD libc.so
To create a default enhanced security matrix.conf file:
# siacfg -l OSFC2 /usr/shlib/libsecurity.so
FILES
Executable. SIA mechanism configuration file.
RELATED INFORMATION
Files: matrix.conf(4) delim off
siacfg(8)