Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

userfile(5) [ultrix man page]

USERFILE(5)							File Formats Manual						       USERFILE(5)

Name
       USERFILE - defines uucp security

Syntax
       /usr/lib/uucp/USERFILE

Description
       The  utility  uses the USERFILE to establish what access a remote system can have to the local system.  An entry should exist for each sys-
       tem.  If no entries exist for a particular system, the default entries are used.  The entries for particular  systems  have  the  following
       format:

       login-name , node-name X # path-name

       login-name
		 The name with which the remote system logs in.

       node-name The name of the remote node.

       X#	 The  execution  level	for  the remote system.  The remote system can execute commands defined in the file that have an execution
		 level less than or equal to the number #.

       path-name The remote system can access anything at the local system with this prefix.

       Two entries must also be provided for systems not otherwise listed:

	    remote, X# path-name ...
	    local, X# path-name ...

       These entries define the execution level and access pathnames for the local system and all remote systems not defined by specific entries.

Examples
       remote, X1 /usr/spool/uucppublic
       local, X9 /
       max,systemY /usr/sources /usr/src/share
       max,systemZ X3 /usr
       In the above example, the node named systemY with the login name max has access to anything with the pathname prefixes and The  node  named
       systemZ	with  the  login  name max can execute commands defined in with an execution level of 3 or lower.  It can access anything with the
       pathname prefix

       Any other remote systems can execute commands defined in with an execution level of 1 or 0.  They can access  anything  with  the  pathname
       prefix of

       Users on the local system can execute any of the commands defined in and access anything on the system.

See Also
       Guide to the uucp Utility

																       USERFILE(5)

Check Out this Related Man Page

Permissions(4)						     Kernel Interfaces Manual						    Permissions(4)

NAME
Permissions - Contains information about the permissions that remote computers have with respect to login, file access, and command execu- tion SYNOPSIS
/usr/lib/uucp/Permissions DESCRIPTION
The /usr/lib/uucp/Permissions file contains information about the ways in which the remote computers listed in the Systems file are allowed to carry out uucico and uuxqt transactions with a local system. Be aware that entries in a Permissions file do not affect a remote system user with a valid login on the local computer. Note that you must have root user authority to edit the Permissions file, which is owned by the uucp login ID. The Permissions file has two types of entries: LOGNAME specifies the permissions that take effect when a remote system logs in. These entries begin with LOGNAME. MACHINE specifies permissions that take effect when your system calls a remote system. These entries begin with MACHINE. Both type of entries consist of option-value pairs. You can have as many of these option-value pairs as you want and can write entries for all or only some of the remote sites. Options Specifies whether the remote system can request to set up file transfers from your system. The default is not to allow such requests. This option can be used in either LOGNAME or MACHINE entries. Specifies whether your system can send the work queued for the remote system when the remote system initiates the call. The default is call; that is, the queued files are sent only when the local system calls the remote system. This option is used in LOGNAME entries. Spec- ifies from which directories uucico can read. The default is the /usr/spool/uucppublic directory. This option can be used in either LOGNAME or MACHINE entries. If multiple pathnames are specified, separate them with a colon (:). Specifies to which directories uucico can write. The default is the /usr/spool/uucpublic directory. This option can be used in either LOGNAME or MACHINE entries. If multiple pathnames are specified, separate them with a colon (:). Specify exceptions to the READ and WRITE options. These options can be used in either LOGNAME or MACHINE entries. If multiple pathnames are specified, separate them with a colon (:). Specifies the commands that a remote system can request to be executed on the local system. The default is rmail command. If multiple commands are specified, separate them with a colon(:). This option is used in MACHINE entries. Specifies whether any transactions can occur without the local system calling the remote system. The default is no, that is, the local system must initiate the call to the remote system before any transactions are allowed. If both the remote and local systems use CALLBACK, they will not be able to initiate any jobs. This option can be used in LOGNAME entries. Used to verify the calling system's identity. The values for this option should be the system name or the names of systems allowed to log in using the name specified by LOGNAME. If a system other than those specified in VALIDATE tries to use the name specified by LOGNAME, the connection will be refused. If multiple systems are specified, separate them with a colon (:). This option is used with the LOGNAME entries. Rules for Writing Permissions File Entries The following rules apply for writing Permissions file entries: Each option-value pair has the following format: option=value Blank spaces are not allowed before or after the equal sign. A blank space is used to separate option-value pairs. If an option has one or more values, the values are separated with a colon. Comment lines begin with a number sign (#) and end with a new line. The backslash () is used as a continuation character to continue a line on to the next line on the screen. Blank lines are ignored. All login IDs used by remote systems must appear in one and only one LOGNAME entry. If you do not want to grant permissions to each system by name, the entry MACHINE=OTHER will assign permissions to any system not mentioned by name. You can combine MACHINE and LOGNAME entries into a single entry if the options are the same. EXAMPLES
The following example allows remote system buck to log in with login ID Luucp1. The VALIDATE option means that the login ID uucp1 can only be used by remote system buck. The REQUEST option means that remote system buck can request files to be transferred from the local system. The SENDFILES option means that any requests queued on the local system for work on the remote system will be sent to the remote system during the current session if allowed by remote system buck. The READ and WRITE options mean that remote system can read and write from and to any directory that has proper permissions. LOGNAME=uucp1 REQUEST=yes SENDFILES=yes VALIDATE=buck READ=/ WRITE=/ MACHINE=buck REQUEST=yes COMMANDS=ALL READ=/ WRITE=/ The following example has all the default values of the options, which are as follows: REQUEST=no, SENDFILES=call READ and WRITE=/usr/spool/uucppublic COMMANDS=rmail CALLBACK=no The remote system cannot ask to receive any queued files containing work that users on the local system have requested to be exe- cuted on the remote system. The local system cannot send queued work to the remote system when that system has completed its current operations. Instead, the queued work can be sent only when the local system contacts the remote system. The remote system can send (write) files to and transfer (read) files from only the uucp public directory (/usr/spool/uucppublic/system_name) on the local sys- tem. Users on the remote system can execute only the default command (rmail) on the local system. LOGNAME=uucp2 MACHINE=buck:bigguy The following example is similar to the first. However, this entry allows the remote users of sys- tems waldo and buck to execute only the rmail and /usr/lbin/rnews commands: LOGNAME=uucp3 VALIDATE=waldo:buck REQUEST=yes SENDFILES=yes READ=/ WRITE=/ MACHINE=waldo:buck REQUEST=yes COM- MANDS=rmail:/usr/lbin/rnews READ=/ WRITE= The following example specifies that all remote systems using the uucp4 login ID that are not included in existing MACHINE entries can execute the rmail (mail) and /usr/bin/lint commands on the local system: LOGNAME=uucp4 MACHINE=OTHER COMMANDS=rmail:/usr/bin/lint The following example shows how the MACHINE and LOGNAME entry can be com- bined into one entry. The remote host is darla. The remote system darla should use the login ID xuucp to log in to local system. The rest of the options have the same meaning as explained in the first example. MACHINE=darla LOGNAME=xuucp READ=/ WRITE=/ REQUEST=yes SENDFILES=yes FILES
Contains all the configuration files for the UNIX-to-UNIX Copy Program (UUCP), including the Devices file. Describes accessible remote systems. RELATED INFORMATION
Files: Systems(4) delim off Permissions(4)
Man Page