*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->Tru64 Unix man pages -> edauth (8)              



NAME    [Toc]    [Back]

       edauth  -  update and list authentication and capabilities
       (authcap) database information (Enhanced Security)

SYNOPSIS    [Toc]    [Back]

       /usr/tcb/bin/edauth [-d db] [-L  | -N  | -S  source]  [-q]
       [-v] entryname...

       /usr/tcb/bin/edauth  -g   [-d  db] [-L  | -N  | -S source]
       [-q] [-t] [-v] [entryname...]

       /usr/tcb/bin/edauth -s  [-d db] [-L  | -N   |  -S  source]
       [-R] [-t] [-U uid] [-C] [-q] [-v]

       /usr/tcb/bin/edauth  -r   [-d  db] [-L  | -N  | -S source]
       [-q] [-v] entryname...

       /usr/tcb/bin/edauth -H

OPTIONS    [Toc]    [Back]

       Specifies which database to use.  Select from one  of  the
       characters d, f, p, t, or v.

              d  -   The  system default database, /etc/auth/system/default

              f -   The  file  control  database,  /etc/auth/system/files

              p  -   User profile data in the /tcb/files/auth.db,
              /var/tcb/files/auth.db, and optional associated NIS
              map sources.

              t  -  The terminal control database, /etc/auth/system/ttys.db

              v -  The terminal control database,  /etc/auth/system/devassign

              The  user profile database (p) is the default if no
              -d option is given.  Gets  the  named  entries  (or
              all) and prints them to standard output rather than
              editing them. If the -q option is also  given,  the
              entries are not printed, and the exit status is the
              only confirmation of whether  at  least  one  entry
              would  have  been printed if -q had not been specified.
  Removes (deletes) named entries rather  than
              editing  them.  Sets new values based on pre-edited
              entries read from standard input. If a new entry is
              being  created, the corresponding passwd entry must
              be created first. If the -C option  is  not  given,
              existing  entries  are overwritten by the new data.
              When used with -g or -s options,  account  template
              entries  are  included  in addition to user-profile
              entries. Note that account templates  do  not  have
              passwd   entries.   Gives  more  verbose  messages.
              Restricts the -s option  to  creating  new  entries
              only,  rather  than  possibly  overwriting existing
              ones.  Uses only local entries, not NIS.  Uses only
              NIS entries, not local.  Causes new local user-profile
 entries to be written to  the  root  partition
              only,  no  matter  what  the  UID  of  the profile.
              Restricts database operations to the specified data
              source,  as  determined  by  the /etc/nsswitch.conf
              file.  Specifies  the  minimum  general  user  UID.
              User-profile entries with UIDs less than this value
              (default of 100) are written to the root  partition
              in the /tcb/files/auth.db file.  Profiles with uids
              greater than or equal to the  specified  value  are
              written  to the /var/tcb/files/auth.db file.  Print
              a help message and exit successfully with  no  further

DESCRIPTION    [Toc]    [Back]

       The  edauth  utility  displays  and  modifies  the  system
       databases used by the  enhanced  security  subsets.  These
       include  the  user  profile  databases  and  their NIS map
       source files, the file control database, the terminal control
  and  device  assignment  databases,  and  the system
       default  database.  Note  that  edauth  does   not   alter

       The edauth utility is intended for disaster-recovery situations,
 since the GUIs provide a  much  friendlier  interface.
  However, for sites where X is not available, edauth
       can be used for general maintenance of these databases.

       If none of the -s, -g, or -r  options  are  given,  edauth
       extracts  each  matching  entry into a temporary file, and
       allows the user to edit that entry.  If the  edited  entry
       has  more unparsed fields than did the old copy, a warning
       is given.  If the -v option was given, the  unparsed  text
       is displayed.

       Editing and setting of entries in NIS maps is only allowed
       on the NIS master host, in which case the changes are made
       to  the NIS map source files themselves, and a make of the
       NIS maps is then performed by edauth.

       The only option available to a non-root user is displaying
       the  publicly-accessible  databases or the user's own profile.

       Use of the -S source option requires that the named source
       be  specified  by  the  /etc/nsswitch.conf  file  for  the
       affected database. It also requires update access  to  the
       nsswitch--served  data.  This is in contrast to how -L and
       -N work, since those options  work  to  set  up  databases
       before  the  relevant system daemon () is running.  In all
       other respects, -L is equivalent to -S files,  and  -N  is
       equivalent to -S nis.

ENVIRONMENT    [Toc]    [Back]

       The following environment variables can be used by edauth:
       Checked for being set only, in order to determine  whether
       the  $VISUAL  environment  variable should be consulted to
       find an editor to use.  The $TERM variable is also  likely
       to be used by the editor that is spawned.  Checked to find
       the editor to use when editing data, if the $TERM environment
  variable  is set.  Checked to find the editor to use
       when editing data.  If neither the $VISUAL nor the $EDITOR
       environment   variable   is   available,   edauth   checks
       /usr/bin/ex and /sbin/ed for execute permissions and stops
       attempts to edit data if none can be found.

       Other  environment  variables which are likely to be used:
       This   environment   variable   is    checked    by    the
       /var/yp/Makefile  file when updating the NIS maps in order
       to determine whether to force the  NIS  slave  servers  to
       update  their  maps  immediately  (and  to  wait  for that

EXAMPLES    [Toc]    [Back]

       To display just the wildcard entries  from  the  ttys  and
       devassign databases: # edauth -g -dt '*' '*:*' # edauth -g
       -dv '*' '*:*'

       To display the system defaults data: # edauth -g -dd

       For a non-root user to display his or her own  profile:  %
       edauth -g

       For  a  privileged  user  to  display all user profiles: #
       edauth -g

       To display the user profile for root: # edauth -g root

       To edit the entry for user root: # edauth root

       To edit the ttys database entry for lat/628: # edauth  -dt

       To edit the NIS profile entry for user nobody: # edauth -N

       An alternative way to edit the NIS profile entry for  user
       nobody: # edauth -S nis nobody

       To  add  a template of cis401 to a list of user names contained
 in a file named students: edauth -g `cat  students`
           | sed 's/:chkent:/:u_template=cis401:chkent:/' \
           | edauth -s

SEE ALSO    [Toc]    [Back]

       Commands: convuser(8), convauth(8), authck(8)

       Files:   authcap(4),   prpasswd(4),  ttys(4),  default(4),
       devassign(4), files(4), nsswitch.conf(4)


[ Back ]
 Similar pages
Name OS Title
secauthmigrate Tru64 Convert ULTRIX auth(5) authentication data to authcap(4) authentication data (Enhanced Security)
prpwd Tru64 Protected password authentication database (Enhanced Security)
create_file_securely Tru64 Create a file in the authentication database (Enhanced Security)
prpasswd Tru64 Protected password authentication database (Enhanced Security)
db_archive Tru64 displays security database log files no longer involved in active transactions (Enhanced Security)
db_checkpoint Tru64 Periodically checkpoint the security database log (Enhanced Security)
login_auth FreeBSD authentication style support library for login class capabilities database
auth_checknologin FreeBSD authentication style support library for login class capabilities database
auth_cat FreeBSD authentication style support library for login class capabilities database
authck Tru64 Checks internal consistency of the authentication databases (Enhanced Security)
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service