srvtab

Table A-2: User ID Mapping Options

 

______________________________________________________________________

 

 

Description

_ Option

 

 

*n, *o

Use the numeric user ID supplied in the call request information. The *o means

 

the user ID should be interpreted as an octal number. The *n indicates the user

 

ID should be treated as a self-determining number. For example, an initial 0x or

 

0X indicates hexadecimal, and an initial 0 indicates octal.

 

The *n and *o user ID formats will only provide a valid match if an /etc/passwd

 

file entry exists with the same numerical user ID and the password has not

 

expired. The group-id is determined from that password file entry.

&

Translate the supplied user ID and group-id names using the dkuidtab file. This

 

type of entry matches only those user IDs which have entries in the dkuidtab file.

 

This facility allows a user with a user ID on one host to be preauthorized as a

 

user with a different numerical user ID on another host. This preauthorization is

 

performed by the authorize command.

_

<uid, >uid

 

The previous two forms can be further restricted to a range of user IDs by

 

appending <uid or >uid to the field. This restricts the incoming user ID to be less

 

than (or greater than) the specified decimal number. For example, *n>0 prevents

 

root (user ID 0) from matching the line. Only one modifier may be appended to

 

an entry.

[login]

This type of entry provides a fixed login name that is used for all matching call

 

requests. The [login] user ID format will return a valid match as long as a valid

 

/etc/passwd entry exists for login. Fixed login name specifications are useful for

 

assigning a single uucp login to a group of originating sites. The facility is also

 

useful when invoking authorization type services that require a fixed set of per-

 

missions. The [login] user ID format can be thought of as a form of setuid facility,

 

since all call requests are mapped to the same login ID.

 

 

 

 

 

Appendix A

Program Field

The program field of a server table entry contains the pathname of the program to be executed. The field may contain a %s which will be replaced by the pathname of the user's shell as obtained from the /etc/passwd file.

The server uses the execv library function when invoking programs, so only paths to binary executables may be specified in the program field of a server table entry. The path should be fully specified (for example, /usr/lbin/program) for each entry in the server table.

A-6

Issue 3

Page 274
Image 274
HP LCS60 manual Program Field, Table A-2 User ID Mapping Options