Manualshelf

NIO CommKit Host Interface Installation and System Administration Manual

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1 Networking Software
51525354555657585960
3-19
Control Tables (from AT&T 255-110-127)
srvtab
Table 3-2 User ID Mapping Options
Program Field
The program field of a server table entry contains the pathname of the pro-
gram to be executed. The field may contain a %s which will be replaced by
the pathname of the users shell as obtained from the /etc/passwd file.
The server uses the execv library function when invoking programs, so only
paths to binary executables may be specified in the program field of a server
table entry. The path should be fully specified (for example, /opt/dk/bin/pro-
gram) for each entry in the server table.
Option Description
*n, *o Use the numeric user ID supplied in the call request information. The *o
means the user ID should be interpreted as an octal number. The *n indi-
cates the user ID should be treated as a self-determining number. For ex-
ample, an initial 0x or 0X indicates the hexadecimal, and an initial 0
indicates octal.
The *n and *o user ID formats will only provide a valid match if an /etc/
passwd file entry exists with the same numerical user ID and the password
has not expired.
& Translate the supplied user ID and group-id names using the dkuidtab file.
This type of entry matches only those user IDs which have entries in the
dkuidtab file. This facility allows a user with a user ID on one host to be
preauthorized as a user with a different numerical user ID on another host.
This preauthorization is performed by the authorize command.
<uid, >uid The previous two forms can be further restricted to a range of user IDs by
appending <uid or >uid to the field. This restricts the incoming user ID to
be less than (or greater than) the specified decimal number. For example,
*n>0” prevents root (user ID 0) from matching the line. Only one modi-
fier may be appended to an entry.
[login] This type of entry provides a fixed login name that is used for all matching
call requests. The [login] user ID format will return a valid match as long
as a valid /etc/passwd entry exists for login. Fixed login name specifica-
tions are useful for assigning a single uucp login to a group of originating
sites. The facility is also useful when invoking authorization type services
that require a fixed set of permissions. The [login] ID format can be
thought of as a form of setuid facility, since all call requests are mapped to
the same login ID.