diff options
| author | stevel@tonic-gate <none@none> | 2005-06-14 00:00:00 -0700 |
|---|---|---|
| committer | stevel@tonic-gate <none@none> | 2005-06-14 00:00:00 -0700 |
| commit | 7c478bd95313f5f23a4c958a745db2134aa03244 (patch) | |
| tree | c871e58545497667cbb4b0a4f2daf204743e1fe7 /usr/src/lib/libsecdb | |
| download | illumos-joyent-7c478bd95313f5f23a4c958a745db2134aa03244.tar.gz | |
OpenSolaris Launch
Diffstat (limited to 'usr/src/lib/libsecdb')
121 files changed, 7277 insertions, 0 deletions
diff --git a/usr/src/lib/libsecdb/Makefile b/usr/src/lib/libsecdb/Makefile new file mode 100644 index 0000000000..2fbf9fc112 --- /dev/null +++ b/usr/src/lib/libsecdb/Makefile @@ -0,0 +1,118 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# lib/libsecdb/Makefile +# +#ident "%Z%%M% %I% %E% SMI" +# + +include ../Makefile.lib + +SUBDIRS= spec .WAIT help $(MACH) $(BUILD64) $(MACH64) +MSGSUBDIRS= help + +all:= TARGET= all +clean:= TARGET= clean +clobber:= TARGET= clobber +install:= TARGET= install +lint:= TARGET= lint +_msg:= TARGET= _msg + +.KEEP_STATE: + +ROOTETC = $(ROOT)/etc +ROOTETCSECURITY = $(ROOTETC)/security +$(ROOTETCSECURITY) := GROUP = sys + +EFILES = user_attr +EFILESRC = $(EFILES:%=%) +ETCFILES = $(EFILES:%=$(ROOTETC)/%) +$(ETCFILES) := GROUP = sys + +ESFILES = auth_attr exec_attr prof_attr policy.conf +ESSRC = $(ESFILES:%=%) +ETCSECURITYFILES = $(ESFILES:%=$(ROOTETCSECURITY)/%) +$(ETCSECURITYFILES) := GROUP = sys + +SCRIPTS = i.rbac r.rbac +CLASS_SCR_SRC_DIR = $(SRC)/pkgdefs/common_files +INSTALL_DIR = $(ROOT)/usr/sadm/install +$(INSTALL_DIR) := GROUP = bin + +CLASS_SCR_DIR = $(INSTALL_DIR)/scripts +$(CLASS_SCR_DIR) := GROUP = bin + +CLASS_SCR_FILES = $(SCRIPTS:%=$(CLASS_SCR_DIR)/%) +$(CLASS_SCR_FILES) := FILEMODE = 0555 +$(CLASS_SCR_FILES) := GROUP = sys + +TMPDIR = /tmp + +all clean clobber delete install lint package: $(SUBDIRS) +_msg: $(MSGSUBDIRS) + +install: install_data + +install_data: $(ETCSECURITYFILES) $(ETCFILES) $(CLASS_SCR_FILES) + +ATTR_FILES = auth_attr exec_attr prof_attr user_attr +${ATTR_FILES}: $$@.txt + $(CP) $@.txt ${TMPDIR}/$@ + > $@ + $(ECHO) ${TMPDIR}/$@ $@ | $(SHELL) ${CLASS_SCR_SRC_DIR}/i.rbac + @$(RM) ${TMPDIR}/$@ + +$(ETCSECURITYFILES) $(ETCFILES): $(ETCSECURITY) $(ROOTETCSECURITY) + +$(ETCSECURITY)/%: % + $(INS.file) + +$(ROOTETCSECURITY): + $(INS.dir) + +$(ROOTETCSECURITY)/%: % + $(INS.file) + +$(ROOTETC)/% : % + $(INS.file) + +$(CLASS_SCR_FILES): $(INSTALL_DIR) $(CLASS_SCR_DIR) + +$(INSTALL_DIR): + $(INS.dir) + +$(CLASS_SCR_DIR): + $(INS.dir) + +$(CLASS_SCR_DIR)/%: $(CLASS_SCR_SRC_DIR)/% + $(INS.file) + +clobber clean: + $(RM) $(ATTR_FILES) + +spec help $(MACH) $(MACH64) : FRC + @cd $@; pwd; $(MAKE) $(TARGET) + +FRC: diff --git a/usr/src/lib/libsecdb/Makefile.com b/usr/src/lib/libsecdb/Makefile.com new file mode 100644 index 0000000000..e12380bb6e --- /dev/null +++ b/usr/src/lib/libsecdb/Makefile.com @@ -0,0 +1,58 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# ident "%Z%%M% %I% %E% SMI" +# + +LIBRARY = libsecdb.a +VERS = .1 +OBJECTS = secdb.o getauthattr.o getexecattr.o getprofattr.o \ + getuserattr.o chkauthattr.o + +include ../../Makefile.lib + +# Install this library in the root filesystem +include ../../Makefile.rootfs + +LIBS = $(DYNLIB) $(LINTLIB) +$(LINTLIB) := SRCS = $(SRCDIR)/$(LINTSRC) +LDLIBS += -lc -lnsl -lcmd + +SRCDIR = ../common +MAPDIR = ../spec/$(TRANSMACH) +SPECMAPFILE = $(MAPDIR)/mapfile + +CFLAGS += $(CCVERBOSE) +CPPFLAGS += -D_REENTRANT +LINTFLAGS += -DPIC +LINTFLAGS64 += -DPIC + +.KEEP_STATE: + +all: $(LIBS) + +lint: lintcheck + +include ../../Makefile.targ diff --git a/usr/src/lib/libsecdb/amd64/Makefile b/usr/src/lib/libsecdb/amd64/Makefile new file mode 100644 index 0000000000..67538ac8f1 --- /dev/null +++ b/usr/src/lib/libsecdb/amd64/Makefile @@ -0,0 +1,35 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# ident "%Z%%M% %I% %E% SMI" +# + + +include ../Makefile.com +include ../../Makefile.lib.64 + +.KEEP_STATE: + +install: all $(ROOTLIBS64) $(ROOTLINKS64) diff --git a/usr/src/lib/libsecdb/auth_attr.txt b/usr/src/lib/libsecdb/auth_attr.txt new file mode 100644 index 0000000000..6040db7081 --- /dev/null +++ b/usr/src/lib/libsecdb/auth_attr.txt @@ -0,0 +1,90 @@ +# +# Copyright 2005 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# /etc/security/auth_attr +# +# authorizations. see auth_attr(4) +# +#ident "%Z%%M% %I% %E% SMI" +# +solaris.:::All Solaris Authorizations::help=AllSolAuthsHeader.html +solaris.grant:::Grant All Solaris Authorizations::help=PriAdmin.html +# +solaris.audit.:::Audit Management::help=AuditHeader.html +solaris.audit.config:::Configure Auditing::help=AuditConfig.html +solaris.audit.read:::Read Audit Trail::help=AuditRead.html +# +solaris.device.:::Device Allocation::help=DevAllocHeader.html +solaris.device.allocate:::Allocate Device::help=DevAllocate.html +solaris.device.config:::Configure Device Attributes::help=DevConfig.html +solaris.device.grant:::Delegate Device Administration::help=DevGrant.html +solaris.device.revoke:::Revoke or Reclaim Device::help=DevRevoke.html +solaris.device.cdrw:::CD-R/RW Recording Authorizations::help=DevCDRW.html +# +solaris.dhcpmgr.:::DHCP Service Management::help=DhcpmgrHeader.html +solaris.dhcpmgr.write:::Modify DHCP Service Configuration::help=DhcpmgrWrite.html +# +solaris.jobs.:::Job Scheduler::help=JobHeader.html +solaris.jobs.admin:::Manage All Jobs::help=AuthJobsAdmin.html +solaris.jobs.grant:::Delegate Cron & At Administration::help=JobsGrant.html +solaris.jobs.user:::Manage Owned Jobs::help=AuthJobsUser.html +# +solaris.login.:::Login Control::help=LoginHeader.html +solaris.login.enable:::Enable Logins::help=LoginEnable.html +solaris.login.remote:::Remote Login::help=LoginRemote.html +# +solaris.mail.:::Mail::help=MailHeader.html +solaris.mail.mailq:::Mail Queue::help=MailQueue.html +# +solaris.profmgr.:::Rights::help=ProfmgrHeader.html +solaris.profmgr.assign:::Assign All Rights::help=AuthProfmgrAssign.html +solaris.profmgr.delegate:::Assign Owned Rights::help=AuthProfmgrDelegate.html +solaris.profmgr.write:::Manage Rights::help=AuthProfmgrWrite.html +solaris.profmgr.read:::View Rights::help=AuthProfmgrRead.html +solaris.profmgr.execattr.write:::Manage Commands::help=AuthProfmgrExecattrWrite.html +# +solaris.role.:::Roles::help=RoleHeader.html +solaris.role.assign:::Assign All Roles::help=AuthRoleAssign.html +solaris.role.delegate:::Assign Owned Roles::help=AuthRoleDelegate.html +solaris.role.write:::Manage Roles::help=AuthRoleWrite.html +# +solaris.smf.:::SMF Management::help=SmfHeader.html +solaris.smf.modify.:::Modify All SMF Service Properties::help=SmfModifyHeader.html +solaris.smf.modify.method:::Modify Service Methods::help=SmfModifyMethod.html +solaris.smf.modify.dependency:::Modify Service Dependencies::help=SmfModifyDepend.html +solaris.smf.modify.application:::Modify Application Type Properties::help=SmfModifyAppl.html +solaris.smf.modify.framework:::Modify Framework Type Properties::help=SmfModifyFramework.html +solaris.smf.manage.:::Manage All SMF Service States::help=SmfManageHeader.html +solaris.smf.manage.autofs:::Manage Automount Service States::help=SmfAutofsStates.html +solaris.smf.manage.bind:::Manage DNS Service States::help=BindStates.html +solaris.smf.manage.cron:::Manage Cron Service States::help=SmfCronStates.html +solaris.smf.manage.name-service-cache:::Manage Name Service Cache Daemon Service States::help=SmfNscdStates.html +solaris.smf.manage.power:::Manage Power Management Service States::help=SmfPowerStates.html +solaris.smf.manage.sendmail:::Manage Sendmail Service States::help=SmfSendmailStates.html +solaris.smf.manage.ssh:::Manage Secure Shell Service States::help=SmfSshStates.html +solaris.smf.manage.system-log:::Manage Syslog Service States::help=SmfSyslogStates.html +# +solaris.system.:::Machine Administration::help=SysHeader.html +solaris.system.date:::Set Date & Time::help=SysDate.html +solaris.system.shutdown:::Shutdown the System::help=SysShutdown.html diff --git a/usr/src/lib/libsecdb/common/chkauthattr.c b/usr/src/lib/libsecdb/common/chkauthattr.c new file mode 100644 index 0000000000..9792f42164 --- /dev/null +++ b/usr/src/lib/libsecdb/common/chkauthattr.c @@ -0,0 +1,270 @@ +/* + * CDDL HEADER START + * + * The contents of this file are subject to the terms of the + * Common Development and Distribution License, Version 1.0 only + * (the "License"). You may not use this file except in compliance + * with the License. + * + * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + * or http://www.opensolaris.org/os/licensing. + * See the License for the specific language governing permissions + * and limitations under the License. + * + * When distributing Covered Code, include this CDDL HEADER in each + * file and include the License file at usr/src/OPENSOLARIS.LICENSE. + * If applicable, add the following below this CDDL HEADER, with the + * fields enclosed by brackets "[]" replaced with your own identifying + * information: Portions Copyright [yyyy] [name of copyright owner] + * + * CDDL HEADER END + */ +/* + * Copyright 2004 Sun Microsystems, Inc. All rights reserved. + * Use is subject to license terms. + */ + +#pragma ident "%Z%%M% %I% %E% SMI" + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> +#include <sys/mman.h> +#include <limits.h> +#include <deflt.h> +#include <auth_attr.h> +#include <prof_attr.h> +#include <user_attr.h> + + +static int _is_authorized(const char *, char *); +static int _chk_policy_auth(const char *, char **, int *); +static int _chkprof_for_auth(const char *, const char *, char **, int *); + + +int +chkauthattr(const char *authname, const char *username) +{ + int auth_granted = 0; + char *auths; + char *profiles; + userattr_t *user; + char *chkedprof[MAXPROFS]; + int chkedprof_cnt = 0; + int i; + + if (authname == NULL || username == NULL) + return (0); + + auth_granted = _chk_policy_auth(authname, chkedprof, &chkedprof_cnt); + if (auth_granted) { + return (1); + } + if ((user = getusernam(username)) == NULL) + return (0); + + if ((auths = kva_match(user->attr, USERATTR_AUTHS_KW)) != NULL) { + if (_is_authorized(authname, auths)) { + free_userattr(user); + return (1); + } + } + + if ((profiles = kva_match(user->attr, USERATTR_PROFILES_KW)) == NULL) { + free_userattr(user); + return (0); + } + + auth_granted = _chkprof_for_auth(profiles, authname, + chkedprof, &chkedprof_cnt); + + /* free memory allocated for checked array */ + for (i = 0; i < chkedprof_cnt; i++) { + free(chkedprof[i]); + } + + free_userattr(user); + + return (auth_granted); +} + +static int +_chkprof_for_auth(const char *profs, const char *authname, + char **chkedprof, int *chkedprof_cnt) +{ + + char *prof, *lasts, *auths, *profiles; + profattr_t *pa; + int i; + int checked = 0; + + for (prof = strtok_r((char *)profs, ",", &lasts); prof != NULL; + prof = strtok_r(NULL, ",", &lasts)) { + + checked = 0; + /* check if this profile has been checked */ + for (i = 0; i < *chkedprof_cnt; i++) { + if (strcmp(chkedprof[i], prof) == 0) { + checked = 1; + break; + } + } + + if (!checked) { + + chkedprof[*chkedprof_cnt] = strdup(prof); + *chkedprof_cnt = *chkedprof_cnt + 1; + + if ((pa = getprofnam(prof)) == NULL) + continue; + + if ((auths = kva_match(pa->attr, + PROFATTR_AUTHS_KW)) != NULL) { + if (_is_authorized(authname, auths)) { + free_profattr(pa); + return (1); + } + } + if ((profiles = + kva_match(pa->attr, PROFATTR_PROFS_KW)) != NULL) { + /* Check for authorization in subprofiles */ + if (_chkprof_for_auth(profiles, authname, + chkedprof, chkedprof_cnt)) { + free_profattr(pa); + return (1); + } + } + free_profattr(pa); + } + } + /* authorization not found in any profile */ + return (0); +} + +int +_auth_match(const char *pattern, const char *auth) +{ + size_t len; + char wildcard = KV_WILDCHAR; + char *grant; + + len = strlen(pattern); + + /* + * If the wildcard is not in the last position in the string, don't + * match against it. + */ + if (pattern[len-1] != wildcard) + return (0); + + /* + * If the strings are identical up to the wildcard and auth does not + * end in "grant", then we have a match. + */ + if (strncmp(pattern, auth, len-1) == 0) { + grant = strrchr(auth, '.'); + if (grant != NULL) { + if (strncmp(grant + 1, "grant", 5) != NULL) + return (1); + } + } + + return (0); +} + +static int +_is_authorized(const char *authname, char *auths) +{ + int found = 0; /* have we got a match, yet */ + char wildcard = '*'; + char *auth; /* current authorization being compared */ + char *buf; + char *lasts; + + buf = strdup(auths); + for (auth = strtok_r(auths, ",", &lasts); auth != NULL && !found; + auth = strtok_r(NULL, ",", &lasts)) { + if (strcmp((char *)authname, auth) == 0) { + /* Exact match. We're done. */ + found = 1; + } else if (strchr(auth, wildcard) != NULL) { + if (_auth_match(auth, authname)) { + found = 1; + break; + } + } + } + + free(buf); + + return (found); +} + + +int +_get_auth_policy(char **def_auth, char **def_prof) +{ + char *cp; + + if (defopen(AUTH_POLICY) != 0) + return (-1); + + cp = defread(DEF_AUTH); + if (cp != NULL) { + *def_auth = strdup(cp); + if (*def_auth == NULL) + return (-1); + } else { + *def_auth = NULL; + } + + cp = defread(DEF_PROF); + if (cp != NULL) { + *def_prof = strdup(cp); + if (*def_prof == NULL) { + free(*def_auth); + return (-1); + } + } else { + *def_prof = NULL; + } + + (void) defopen(NULL); + return (0); +} + +/* + * read /etc/security/policy.conf for AUTHS_GRANTED. + * return 1 if found matching authname. + * Otherwise, read PROFS_GRANTED to see if authname exists in any + * default profiles. + */ +static int +_chk_policy_auth(const char *authname, char **chkedprof, int *chkedprof_cnt) +{ + char *auths, *profs; + int ret = 1; + + if (_get_auth_policy(&auths, &profs) != 0) + return (0); + + if (auths != NULL) { + if (_is_authorized(authname, auths)) + goto exit; + } + + if (profs != NULL) { + if (_chkprof_for_auth(profs, authname, chkedprof, + chkedprof_cnt)) + goto exit; + } + ret = 0; + +exit: + free(auths); + free(profs); + return (ret); +} diff --git a/usr/src/lib/libsecdb/common/getauthattr.c b/usr/src/lib/libsecdb/common/getauthattr.c new file mode 100644 index 0000000000..286bc362ea --- /dev/null +++ b/usr/src/lib/libsecdb/common/getauthattr.c @@ -0,0 +1,149 @@ +/* + * CDDL HEADER START + * + * The contents of this file are subject to the terms of the + * Common Development and Distribution License, Version 1.0 only + * (the "License"). You may not use this file except in compliance + * with the License. + * + * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + * or http://www.opensolaris.org/os/licensing. + * See the License for the specific language governing permissions + * and limitations under the License. + * + * When distributing Covered Code, include this CDDL HEADER in each + * file and include the License file at usr/src/OPENSOLARIS.LICENSE. + * If applicable, add the following below this CDDL HEADER, with the + * fields enclosed by brackets "[]" replaced with your own identifying + * information: Portions Copyright [yyyy] [name of copyright owner] + * + * CDDL HEADER END + */ +/* + * Copyright (c) 1999, 2001 by Sun Microsystems, Inc. + * All rights reserved. + */ + +#pragma ident "%Z%%M% %I% %E% SMI" + +#include <sys/types.h> +#include <stdio.h> +#include <string.h> +#include <stdlib.h> +#include <nss_dbdefs.h> +#include <auth_attr.h> + + +/* Externs from libnsl */ +extern authstr_t *_getauthnam(const char *, authstr_t *, char *, int, int *); +extern authstr_t *_getauthattr(authstr_t *, char *, int, int *); +extern void _setauthattr(); +extern void _endauthattr(void); + + +static authattr_t *authstr2attr(authstr_t *); + + +authattr_t * +getauthattr() +{ + int err = 0; + char buf[NSS_BUFLEN_AUTHATTR]; + authstr_t auth; + authstr_t *tmp; + + (void) memset(&auth, 0, sizeof (authstr_t)); + tmp = _getauthattr(&auth, buf, NSS_BUFLEN_AUTHATTR, &err); + return (authstr2attr(tmp)); +} + + +authattr_t * +getauthnam(const char *name) +{ + int err = 0; + char buf[NSS_BUFLEN_AUTHATTR]; + authstr_t auth; + authstr_t *tmp; + + if (name == NULL) { + return ((authattr_t *)NULL); + } + (void) memset(&auth, 0, sizeof (authstr_t)); + tmp = _getauthnam(name, &auth, buf, NSS_BUFLEN_AUTHATTR, &err); + return (authstr2attr(tmp)); +} + + +void +setauthattr(void) +{ + _setauthattr(); +} + + +void +endauthattr() +{ + _endauthattr(); +} + + +void +free_authattr(authattr_t *auth) +{ + if (auth) { + free(auth->name); + free(auth->res1); + free(auth->res2); + free(auth->short_desc); + free(auth->long_desc); + _kva_free(auth->attr); + free(auth); + } +} + + +static authattr_t * +authstr2attr(authstr_t *auth) +{ + authattr_t *newauth; + + if (auth == NULL) + return ((authattr_t *)NULL); + + if ((newauth = (authattr_t *)malloc(sizeof (authattr_t))) == NULL) + return ((authattr_t *)NULL); + + newauth->name = _do_unescape(auth->name); + newauth->res1 = _do_unescape(auth->res1); + newauth->res2 = _do_unescape(auth->res2); + newauth->short_desc = _do_unescape(auth->short_desc); + newauth->long_desc = _do_unescape(auth->long_desc); + newauth->attr = _str2kva(auth->attr, KV_ASSIGN, KV_DELIMITER); + return (newauth); +} + + +#ifdef DEBUG +void +print_authattr(authattr_t *auth) +{ + extern void print_kva(kva_t *); + char *empty = "empty"; + + if (auth == NULL) { + printf("NULL\n"); + return; + } + + printf("name=%s\n", auth->name ? auth->name : empty); + printf("res1=%s\n", auth->res1 ? auth->res1 : empty); + printf("res2=%s\n", auth->res2 ? auth->res2 : empty); + printf("short_desc=%s\n", auth->short_desc ? auth->short_desc : empty); + printf("long_desc=%s\n", auth->long_desc ? auth->long_desc : empty); + printf("attr=\n"); + print_kva(auth->attr); + fflush(stdout); +} +#endif /* DEBUG */ diff --git a/usr/src/lib/libsecdb/common/getexecattr.c b/usr/src/lib/libsecdb/common/getexecattr.c new file mode 100644 index 0000000000..1f6782b84f --- /dev/null +++ b/usr/src/lib/libsecdb/common/getexecattr.c @@ -0,0 +1,524 @@ +/* + * CDDL HEADER START + * + * The contents of this file are subject to the terms of the + * Common Development and Distribution License, Version 1.0 only + * (the "License"). You may not use this file except in compliance + * with the License. + * + * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + * or http://www.opensolaris.org/os/licensing. + * See the License for the specific language governing permissions + * and limitations under the License. + * + * When distributing Covered Code, include this CDDL HEADER in each + * file and include the License file at usr/src/OPENSOLARIS.LICENSE. + * If applicable, add the following below this CDDL HEADER, with the + * fields enclosed by brackets "[]" replaced with your own identifying + * information: Portions Copyright [yyyy] [name of copyright owner] + * + * CDDL HEADER END + */ +/* + * Copyright 2004 Sun Microsystems, Inc. All rights reserved. + * Use is subject to license terms. + */ + +#pragma ident "%Z%%M% %I% %E% SMI" + +#include <sys/types.h> +#include <stdio.h> +#include <string.h> +#include <stdlib.h> +#include <nss_dbdefs.h> +#include <deflt.h> +#include <exec_attr.h> +#include <user_attr.h> +#include <auth_attr.h> +#include <prof_attr.h> +#include <getxby_door.h> +#include <sys/mman.h> + + +/* Externs from libnsl */ +extern execstr_t *_getexecattr(execstr_t *, char *, int, int *); +extern void _setexecattr(void); +extern void _endexecattr(void); +extern execstr_t *_getexecprof(const char *, const char *, const char *, int, + execstr_t *, char *, int, int *); +extern userstr_t *_getusernam(const char *, userstr_t *, char *, int, int *); +extern userstr_t *_getuserattr(userstr_t *, char *, int, int *); +extern char *_strtok_escape(char *, char *, char **); +extern char *_strdup_null(char *); + +static execattr_t *userprof(const char *, const char *, const char *, int); +static execattr_t *get_tail(execattr_t *); +static execattr_t *execstr2attr(execstr_t *); +static execstr_t *process_getexec(execstr_t *, char *, int, nsc_data_t *); + +execattr_t * +getexecattr() +{ + int err = 0; + char buf[NSS_BUFLEN_EXECATTR]; + execstr_t exec; + execstr_t *tmp; + + tmp = _getexecattr(&exec, buf, NSS_BUFLEN_EXECATTR, &err); + + return (execstr2attr(tmp)); +} + + +execattr_t * +getexecprof(const char *name, const char *type, const char *id, int search_flag) +{ + int len_unique; + int err = 0; + int ndata = 0; + int adata = 0; + char unique[NSS_BUFLEN_EXECATTR]; + char buf[NSS_BUFLEN_EXECATTR]; + execattr_t *head = (execattr_t *)NULL; + execattr_t *prev = (execattr_t *)NULL; + execstr_t exec; + execstr_t *tmp; + execstr_t *resptr = (execstr_t *)NULL; + nsc_data_t *sptr = (nsc_data_t *)NULL; + union { + nsc_data_t s_d; + char s_b[NSS_BUFLEN_EXECATTR]; + } space; + + (void) memset(unique, 0, NSS_BUFLEN_EXECATTR); + (void) memset(&exec, 0, sizeof (execstr_t)); + (void) memset(&space, 0, sizeof (space)); + + if ((search_flag != GET_ONE) && (search_flag != GET_ALL)) { + return ((execattr_t *)NULL); + } + + if ((name == NULL) && (type == NULL) && (id == NULL)) { + setexecattr(); + switch (search_flag) { + case GET_ONE: + head = getexecattr(); + break; + case GET_ALL: + head = getexecattr(); + prev = head; + while (prev != NULL) { + prev->next = getexecattr(); + prev = prev->next; + }; + break; + default: + head = (execattr_t *)NULL; + break; + } + endexecattr(); + return (head); + } + +#ifdef PIC + /* + * If the search criteria is completely specified + * and we only want a single entry, + * then attempt to look up the entry using the nscd. + * Only commands are cached. + */ + if (name && type && (strcmp(type, KV_COMMAND) == 0) && id && + (search_flag == GET_ONE)) { + if (snprintf(unique, NSS_BUFLEN_EXECATTR, "%s:%s:%s", + name, type, id) >= NSS_BUFLEN_EXECATTR) { + errno = ERANGE; + return ((execattr_t *)NULL); + } + len_unique = strlen(unique); + if ((len_unique >= (sizeof (space) - sizeof (nsc_data_t)))) { + errno = ERANGE; + return ((execattr_t *)NULL); + } + ndata = sizeof (space); + adata = len_unique + sizeof (nsc_call_t) + 1; + space.s_d.nsc_call.nsc_callnumber = GETEXECID; + (void) strcpy(space.s_d.nsc_call.nsc_u.name, unique); + sptr = &space.s_d; + + switch (_nsc_trydoorcall(&sptr, &ndata, &adata)) { + case SUCCESS: /* positive cache hit */ + break; + case NOTFOUND: /* negative cache hit */ + return ((execattr_t *)NULL); + default: + resptr = _getexecprof(name, type, id, search_flag, + &exec, buf, NSS_BUFLEN_EXECATTR, &err); + return (execstr2attr(resptr)); + } + resptr = process_getexec(&exec, buf, NSS_BUFLEN_EXECATTR, + sptr); + + /* + * check if doors reallocated the memory underneath us + * if they did munmap it or suffer a memory leak + */ + if (sptr != &space.s_d) + (void) munmap((void *)sptr, ndata); + + return (execstr2attr(resptr)); + } /* end if (name && type && id && search_flag == GET_ONE) */ +#endif /* PIC */ + + tmp = _getexecprof(name, + type, + id, + search_flag, + &exec, + buf, + NSS_BUFLEN_EXECATTR, + &err); + + return (execstr2attr(tmp)); +} + + +execattr_t * +getexecuser(const char *username, const char *type, const char *id, + int search_flag) +{ + int err = 0; + char buf[NSS_BUFLEN_USERATTR]; + userstr_t user; + userstr_t *utmp; + execattr_t *head = (execattr_t *)NULL; + execattr_t *prev = (execattr_t *)NULL; + execattr_t *new = (execattr_t *)NULL; + + if ((search_flag != GET_ONE) && (search_flag != GET_ALL)) { + return ((execattr_t *)NULL); + } + + if (username == NULL) { + setuserattr(); + /* avoid userstr2attr mallocs by calling libnsl directly */ + utmp = _getuserattr(&user, buf, NSS_BUFLEN_USERATTR, &err); + if (utmp == NULL) { + return (head); + } + switch (search_flag) { + case GET_ONE: + head = userprof((const char *)(utmp->name), type, id, + search_flag); + break; + case GET_ALL: + head = userprof((const char *)(utmp->name), type, id, + search_flag); + if (head != NULL) { + prev = get_tail(head); + } + while ((utmp = _getuserattr(&user, + buf, NSS_BUFLEN_USERATTR, &err)) != NULL) { + if ((new = + userprof((const char *)(utmp->name), + type, id, search_flag)) != NULL) { + if (prev != NULL) { + prev->next = new; + prev = get_tail(prev->next); + } else { + head = new; + prev = get_tail(head); + } + } + } + break; + default: + head = (execattr_t *)NULL; + break; + } + enduserattr(); + } else { + head = userprof(username, type, id, search_flag); + } + + return (head); +} + + +execattr_t * +match_execattr(execattr_t *exec, const char *profname, const char *type, + const char *id) +{ + execattr_t *execp = (execattr_t *)NULL; + + for (execp = exec; execp != NULL; execp = execp->next) { + if ((profname && execp->name && + (strcmp(profname, execp->name) != 0)) || + (type && execp->type && (strcmp(type, execp->type) != 0)) || + (id && execp->id && (strcmp(id, execp->id) != 0))) + continue; + } + + return (execp); +} + + +void +setexecattr() +{ + _setexecattr(); +} + + +void +endexecattr() +{ + _endexecattr(); +} + + +void +free_execattr(execattr_t *exec) +{ + if (exec != (execattr_t *)NULL) { + free(exec->name); + free(exec->type); + free(exec->policy); + free(exec->res1); + free(exec->res2); + free(exec->id); + _kva_free(exec->attr); + free_execattr(exec->next); + free(exec); + } +} + + +static execattr_t * +userprof(const char *username, const char *type, const char *id, + int search_flag) +{ + + int err = 0; + char *last; + char *sep = ","; + char *proflist = (char *)NULL; + char *profname = (char *)NULL; + char buf[NSS_BUFLEN_USERATTR]; + char pwdb[NSS_BUFLEN_PASSWD]; + kva_t *user_attr; + userstr_t user; + userstr_t *utmp; + execattr_t *exec; + execattr_t *head = (execattr_t *)NULL; + execattr_t *prev = (execattr_t *)NULL; + struct passwd pwd; + + char *profArray[MAXPROFS]; + int profcnt = 0; + int i; + + /* + * Check if specified username is valid user + */ + if (getpwnam_r(username, &pwd, pwdb, sizeof (pwdb)) == NULL) { + return (head); + } + + utmp = _getusernam(username, &user, buf, NSS_BUFLEN_USERATTR, &err); + if (utmp != NULL) { + proflist = NULL; + user_attr = _str2kva(user.attr, KV_ASSIGN, KV_DELIMITER); + if ((proflist = kva_match(user_attr, "profiles")) != NULL) { + /* Get the list of profiles for this user */ + for (profname = _strtok_escape(proflist, sep, &last); + profname != NULL; + profname = _strtok_escape(NULL, sep, &last)) { + getproflist(profname, profArray, &profcnt); + } + } + } + + /* Get the list of default profiles */ + if (defopen(AUTH_POLICY) == NULL) { + proflist = defread(DEF_PROF); + (void) defopen(NULL); + } + if (proflist != NULL) { + for (profname = _strtok_escape(proflist, sep, &last); + profname != NULL; + profname = _strtok_escape(NULL, sep, &last)) { + getproflist(profname, profArray, &profcnt); + } + } + + if (profcnt == 0) { + return (head); + } + + /* Get execs from the list of profiles */ + for (i = 0; i < profcnt; i++) { + profname = profArray[i]; + if ((exec = getexecprof(profname, type, id, search_flag)) != + NULL) { + if (search_flag == GET_ONE) { + head = exec; + break; + } else if (search_flag == GET_ALL) { + if (head == NULL) { + head = exec; + prev = get_tail(head); + } else { + prev->next = exec; + prev = get_tail(exec); + } + } + } + } + free_proflist(profArray, profcnt); + return (head); +} + + +static execattr_t * +get_tail(execattr_t *exec) +{ + execattr_t *i_exec = (execattr_t *)NULL; + execattr_t *j_exec = (execattr_t *)NULL; + + if (exec != NULL) { + if (exec->next == NULL) { + j_exec = exec; + } else { + for (i_exec = exec->next; i_exec != NULL; + i_exec = i_exec->next) { + j_exec = i_exec; + } + } + } + + return (j_exec); +} + + +static execattr_t * +execstr2attr(execstr_t *es) +{ + execattr_t *newexec; + + if (es == NULL) { + return ((execattr_t *)NULL); + } + if ((newexec = (execattr_t *)malloc(sizeof (execattr_t))) == NULL) { + return ((execattr_t *)NULL); + } + + newexec->name = _do_unescape(es->name); + newexec->policy = _do_unescape(es->policy); + newexec->type = _do_unescape(es->type); + newexec->res1 = _do_unescape(es->res1); + newexec->res2 = _do_unescape(es->res2); + newexec->id = _do_unescape(es->id); + newexec->attr = _str2kva(es->attr, KV_ASSIGN, KV_DELIMITER); + if (es->next) { + newexec->next = execstr2attr((execstr_t *)(es->next)); + } else { + newexec->next = (execattr_t *)NULL; + } + return (newexec); +} + + +static execstr_t * +process_getexec( + execstr_t *result, + char *buffer, + int buflen, + nsc_data_t *sptr) +{ + char *fixed; +#ifdef _LP64 + execstr_t exec64; + + fixed = (char *)(((uintptr_t)buffer + 7) & ~7); +#else + fixed = (char *)(((uintptr_t)buffer + 3) & ~3); +#endif + buflen -= fixed - buffer; + buffer = fixed; + + if (sptr->nsc_ret.nsc_return_code != SUCCESS) + return ((execstr_t *)NULL); + +#ifdef _LP64 + if (sptr->nsc_ret.nsc_bufferbytesused - (int)sizeof (execstr32_t) + > buflen) +#else + if (sptr->nsc_ret.nsc_bufferbytesused - (int)sizeof (execstr_t) + > buflen) +#endif + { + errno = ERANGE; + return ((execstr_t *)NULL); + } + +#ifdef _LP64 + (void) memcpy(buffer, (sptr->nsc_ret.nsc_u.buff + sizeof (execstr32_t)), + (sptr->nsc_ret.nsc_bufferbytesused - sizeof (execstr32_t))); + exec64.name = (char *)(sptr->nsc_ret.nsc_u.exec.name + + (uintptr_t)buffer); + exec64.type = (char *)(sptr->nsc_ret.nsc_u.exec.type + + (uintptr_t)buffer); + exec64.policy = (char *)(sptr->nsc_ret.nsc_u.exec.policy + + (uintptr_t)buffer); + exec64.res1 = (char *)(sptr->nsc_ret.nsc_u.exec.res1 + + (uintptr_t)buffer); + exec64.res2 = (char *)(sptr->nsc_ret.nsc_u.exec.res2 + + (uintptr_t)buffer); + exec64.id = (char *)(sptr->nsc_ret.nsc_u.exec.id + + (uintptr_t)buffer); + exec64.attr = (char *)(sptr->nsc_ret.nsc_u.exec.attr + + (uintptr_t)buffer); + exec64.next = (execstr_t *)NULL; + *result = exec64; +#else + sptr->nsc_ret.nsc_u.exec.name += (uintptr_t)buffer; + sptr->nsc_ret.nsc_u.exec.type += (uintptr_t)buffer; + sptr->nsc_ret.nsc_u.exec.policy += (uintptr_t)buffer; + sptr->nsc_ret.nsc_u.exec.res1 += (uintptr_t)buffer; + sptr->nsc_ret.nsc_u.exec.res2 += (uintptr_t)buffer; + sptr->nsc_ret.nsc_u.exec.id += (uintptr_t)buffer; + sptr->nsc_ret.nsc_u.exec.attr += (uintptr_t)buffer; + sptr->nsc_ret.nsc_u.exec.next = (execstr_t *)NULL; + *result = sptr->nsc_ret.nsc_u.exec; + (void) memcpy(buffer, (sptr->nsc_ret.nsc_u.buff + sizeof (execstr_t)), + (sptr->nsc_ret.nsc_bufferbytesused - sizeof (execstr_t))); +#endif + return (result); +} + + +#ifdef DEBUG +void +print_execattr(execattr_t *exec) +{ + extern void print_kva(kva_t *); + char *empty = "empty"; + + if (exec != NULL) { + printf("name=%s\n", exec->name ? exec->name : empty); + printf("policy=%s\n", exec->policy ? exec->policy : empty); + printf("type=%s\n", exec->type ? exec->type : empty); + printf("res1=%s\n", exec->res1 ? exec->res1 : empty); + printf("res2=%s\n", exec->res2 ? exec->res2 : empty); + printf("id=%s\n", exec->id ? exec->id : empty); + printf("attr=\n"); + print_kva(exec->attr); + fflush(stdout); + if (exec->next) { + print_execattr(exec->next); + } + } else { + printf("NULL\n"); + } +} +#endif /* DEBUG */ diff --git a/usr/src/lib/libsecdb/common/getprofattr.c b/usr/src/lib/libsecdb/common/getprofattr.c new file mode 100644 index 0000000000..ade2cdfcc8 --- /dev/null +++ b/usr/src/lib/libsecdb/common/getprofattr.c @@ -0,0 +1,307 @@ +/* + * CDDL HEADER START + * + * The contents of this file are subject to the terms of the + * Common Development and Distribution License, Version 1.0 only + * (the "License"). You may not use this file except in compliance + * with the License. + * + * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + * or http://www.opensolaris.org/os/licensing. + * See the License for the specific language governing permissions + * and limitations under the License. + * + * When distributing Covered Code, include this CDDL HEADER in each + * file and include the License file at usr/src/OPENSOLARIS.LICENSE. + * If applicable, add the following below this CDDL HEADER, with the + * fields enclosed by brackets "[]" replaced with your own identifying + * information: Portions Copyright [yyyy] [name of copyright owner] + * + * CDDL HEADER END + */ +/* + * Copyright 2004 Sun Microsystems, Inc. All rights reserved. + * Use is subject to license terms. + */ + +#pragma ident "%Z%%M% %I% %E% SMI" + +#include <sys/types.h> +#include <stdio.h> +#include <string.h> +#include <stdlib.h> +#include <nss_dbdefs.h> +#include <prof_attr.h> +#include <getxby_door.h> +#include <sys/mman.h> + + +/* Externs from libnsl */ +extern profstr_t *_getprofnam(const char *, profstr_t *, char *, int, int *); +extern profstr_t *_getprofattr(profstr_t *, char *, int, int *); +extern void _setprofattr(void); +extern void _endprofattr(void); + +static profattr_t *profstr2attr(profstr_t *); +static profstr_t *process_getprof(profstr_t *, char *, int, nsc_data_t *); + + +profattr_t * +getprofattr() +{ + int err = 0; + char buf[NSS_BUFLEN_PROFATTR]; + profstr_t prof; + profstr_t *tmp; + + tmp = _getprofattr(&prof, buf, NSS_BUFLEN_PROFATTR, &err); + return (profstr2attr(tmp)); +} + + +profattr_t * +getprofnam(const char *name) +{ + int err = 0; + int ndata = 0; + int adata = 0; + char buf[NSS_BUFLEN_PROFATTR]; + profstr_t prof; + union { + nsc_data_t s_d; + char s_b[1024]; + } space; + nsc_data_t *sptr = (nsc_data_t *)NULL; + profstr_t *resptr = (profstr_t *)NULL; + + (void) memset(&prof, 0, sizeof (profstr_t)); + +#ifdef PIC + (void) memset(&space, 0, sizeof (space)); + + if ((name == NULL) || + (strlen(name) >= (sizeof (space) - sizeof (nsc_data_t)))) { + errno = ERANGE; + return ((profattr_t *)NULL); + } + ndata = sizeof (space); + adata = strlen(name) + sizeof (nsc_call_t) + 1; + space.s_d.nsc_call.nsc_callnumber = GETPROFNAM; + (void) strcpy(space.s_d.nsc_call.nsc_u.name, name); + sptr = &space.s_d; + + switch (_nsc_trydoorcall(&sptr, &ndata, &adata)) { + case SUCCESS: /* positive cache hit */ + break; + case NOTFOUND: /* negative cache hit */ + return ((profattr_t *)NULL); + default: + (void) memset(&prof, 0, sizeof (profattr_t)); + resptr = _getprofnam(name, &prof, buf, + NSS_BUFLEN_PROFATTR, &err); + return (profstr2attr(resptr)); + } + resptr = process_getprof(&prof, buf, NSS_BUFLEN_PROFATTR, sptr); + + /* + * check if doors reallocated the memory underneath us + * if they did munmap it or suffer a memory leak + */ + if (sptr != &space.s_d) + (void) munmap((void *)sptr, ndata); +#else /* !PIC */ + resptr = _getprofnam(name, &prof, buf, NSS_BUFLEN_PROFATTR, &err); +#endif /* PIC */ + + return (profstr2attr(resptr)); + +} + + +void +setprofattr() +{ + _setprofattr(); +} + + +void +endprofattr() +{ + _endprofattr(); +} + + +void +free_profattr(profattr_t *prof) +{ + if (prof) { + free(prof->name); + free(prof->res1); + free(prof->res2); + free(prof->desc); + _kva_free(prof->attr); + free(prof); + } +} + + +static profattr_t * +profstr2attr(profstr_t *prof) +{ + profattr_t *newprof; + + if (prof == NULL) + return ((profattr_t *)NULL); + + if ((newprof = (profattr_t *)malloc(sizeof (profattr_t))) == NULL) + return ((profattr_t *)NULL); + + newprof->name = _do_unescape(prof->name); + newprof->res1 = _do_unescape(prof->res1); + newprof->res2 = _do_unescape(prof->res2); + newprof->desc = _do_unescape(prof->desc); + newprof->attr = _str2kva(prof->attr, KV_ASSIGN, KV_DELIMITER); + return (newprof); +} + + +static profstr_t * +process_getprof( + profstr_t *result, + char *buffer, + int buflen, + nsc_data_t *sptr) +{ + char *fixed; +#ifdef _LP64 + profstr_t prof64; + + fixed = (char *)(((uintptr_t)buffer + 7) & ~7); +#else + fixed = (char *)(((uintptr_t)buffer + 3) & ~3); +#endif + buflen -= fixed - buffer; + buffer = fixed; + + if (sptr->nsc_ret.nsc_return_code != SUCCESS) + return ((profstr_t *)NULL); + +#ifdef _LP64 + if (sptr->nsc_ret.nsc_bufferbytesused - (int)sizeof (profstr32_t) + > buflen) +#else + if (sptr->nsc_ret.nsc_bufferbytesused - (int)sizeof (profstr_t) + > buflen) +#endif + { + errno = ERANGE; + return ((profstr_t *)NULL); + } + +#ifdef _LP64 + (void) memcpy(buffer, (sptr->nsc_ret.nsc_u.buff + sizeof (profstr32_t)), + (sptr->nsc_ret.nsc_bufferbytesused - sizeof (profstr32_t))); + prof64.name = (char *)(sptr->nsc_ret.nsc_u.prof.name + + (uintptr_t)buffer); + prof64.res1 = (char *)(sptr->nsc_ret.nsc_u.prof.res1 + + (uintptr_t)buffer); + prof64.res2 = (char *)(sptr->nsc_ret.nsc_u.prof.res2 + + (uintptr_t)buffer); + prof64.desc = (char *)(sptr->nsc_ret.nsc_u.prof.desc + + (uintptr_t)buffer); + prof64.attr = (char *)(sptr->nsc_ret.nsc_u.prof.attr + + (uintptr_t)buffer); + *result = prof64; +#else + sptr->nsc_ret.nsc_u.prof.name += (uintptr_t)buffer; + sptr->nsc_ret.nsc_u.prof.res1 += (uintptr_t)buffer; + sptr->nsc_ret.nsc_u.prof.res2 += (uintptr_t)buffer; + sptr->nsc_ret.nsc_u.prof.desc += (uintptr_t)buffer; + sptr->nsc_ret.nsc_u.prof.attr += (uintptr_t)buffer; + *result = sptr->nsc_ret.nsc_u.prof; + (void) memcpy(buffer, (sptr->nsc_ret.nsc_u.buff + sizeof (profstr_t)), + (sptr->nsc_ret.nsc_bufferbytesused - sizeof (profstr_t))); +#endif + return (result); +} + + +/* + * Given a profile name, gets the list of profiles found from + * the whole hierarchy, using the given profile as root + */ +void +getproflist(const char *profileName, char **profArray, int *profcnt) +{ + profattr_t *profattr; + char *subprofiles, *lasts, *profname; + int i; + + /* Check if this is a duplicate */ + for (i = 0; i < *profcnt; i++) { + if (strcmp(profileName, profArray[i]) == 0) { + /* It's a duplicate, don't need to do anything */ + return; + } + } + + profArray[*profcnt] = strdup(profileName); + *profcnt = *profcnt + 1; + + profattr = getprofnam(profileName); + if (profattr == NULL) { + return; + } + + if (profattr->attr == NULL) { + free_profattr(profattr); + return; + } + + subprofiles = kva_match(profattr->attr, PROFATTR_PROFS_KW); + if (subprofiles == NULL) { + free_profattr(profattr); + return; + } + + /* get execattr from each subprofiles */ + for (profname = (char *)strtok_r(subprofiles, ",", &lasts); + profname != NULL; + profname = (char *)strtok_r(NULL, ",", &lasts)) { + getproflist(profname, profArray, profcnt); + } + free_profattr(profattr); +} + +void +free_proflist(char **profArray, int profcnt) +{ + int i; + for (i = 0; i < profcnt; i++) { + free(profArray[i]); + } +} + + +#ifdef DEBUG +void +print_profattr(profattr_t *prof) +{ + extern void print_kva(kva_t *); + char *empty = "empty"; + + if (prof == NULL) { + printf("NULL\n"); + return; + } + + printf("name=%s\n", prof->name ? prof->name : empty); + printf("res1=%s\n", prof->res1 ? prof->res1 : empty); + printf("res2=%s\n", prof->res2 ? prof->res2 : empty); + printf("desc=%s\n", prof->desc ? prof->desc : empty); + printf("attr=\n"); + print_kva(prof->attr); + fflush(stdout); +} +#endif /* DEBUG */ diff --git a/usr/src/lib/libsecdb/common/getuserattr.c b/usr/src/lib/libsecdb/common/getuserattr.c new file mode 100644 index 0000000000..7c0c8b9ff8 --- /dev/null +++ b/usr/src/lib/libsecdb/common/getuserattr.c @@ -0,0 +1,275 @@ +/* + * CDDL HEADER START + * + * The contents of this file are subject to the terms of the + * Common Development and Distribution License, Version 1.0 only + * (the "License"). You may not use this file except in compliance + * with the License. + * + * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + * or http://www.opensolaris.org/os/licensing. + * See the License for the specific language governing permissions + * and limitations under the License. + * + * When distributing Covered Code, include this CDDL HEADER in each + * file and include the License file at usr/src/OPENSOLARIS.LICENSE. + * If applicable, add the following below this CDDL HEADER, with the + * fields enclosed by brackets "[]" replaced with your own identifying + * information: Portions Copyright [yyyy] [name of copyright owner] + * + * CDDL HEADER END + */ +/* + * Copyright 2004 Sun Microsystems, Inc. All rights reserved. + * Use is subject to license terms. + */ + +#pragma ident "%Z%%M% %I% %E% SMI" + +#include <sys/types.h> +#include <sys/mman.h> +#include <stdio.h> +#include <string.h> +#include <stdlib.h> +#include <nss_dbdefs.h> +#include <user_attr.h> +#include <getxby_door.h> +#include <pwd.h> + + +/* Externs from libnsl */ +extern userstr_t *_getusernam(const char *, userstr_t *, char *, int, int *); +extern userstr_t *_getuserattr(userstr_t *, char *, int, int *); +extern userstr_t *_fgetuserattr(FILE *, userstr_t *, char *, int); +extern void _setuserattr(void); +extern void _enduserattr(void); + + +static userattr_t *userstr2attr(userstr_t *); +static userstr_t *process_getuser(userstr_t *, char *, int, nsc_data_t *); + + +userattr_t * +getuserattr() +{ + int err = 0; + char buf[NSS_BUFLEN_USERATTR]; + userstr_t user; + userstr_t *tmp; + + (void) memset(&user, 0, sizeof (userattr_t)); + tmp = _getuserattr(&user, buf, NSS_BUFLEN_USERATTR, &err); + return (userstr2attr(tmp)); +} + + +userattr_t * +fgetuserattr(FILE *f) +{ + char buf[NSS_BUFLEN_USERATTR]; + userstr_t user; + userstr_t *tmp; + + (void) memset(&user, 0, sizeof (userattr_t)); + tmp = _fgetuserattr(f, &user, buf, NSS_BUFLEN_USERATTR); + return (userstr2attr(tmp)); +} + + +userattr_t * +getusernam(const char *name) +{ + int err = 0; + int ndata; + int adata; + char buf[NSS_BUFLEN_USERATTR]; + userstr_t user; + union { + nsc_data_t s_d; + char s_b[1024]; + } space; + nsc_data_t *sptr; + userstr_t *resptr = (userstr_t *)NULL; + +#ifdef PIC + if ((name == NULL) || + (strlen(name) >= (sizeof (space) - sizeof (nsc_data_t)))) { + errno = ERANGE; + return ((userattr_t *)NULL); + } + ndata = sizeof (space); + adata = strlen(name) + sizeof (nsc_call_t) + 1; + space.s_d.nsc_call.nsc_callnumber = GETUSERNAM; + (void) strcpy(space.s_d.nsc_call.nsc_u.name, name); + sptr = &space.s_d; + + switch (_nsc_trydoorcall(&sptr, &ndata, &adata)) { + case SUCCESS: /* positive cache hit */ + break; + case NOTFOUND: /* negative cache hit */ + return ((userattr_t *)NULL); + default: + (void) memset(&user, 0, sizeof (userattr_t)); + resptr = _getusernam(name, &user, buf, + NSS_BUFLEN_USERATTR, &err); + return (userstr2attr(resptr)); + } + resptr = process_getuser(&user, buf, NSS_BUFLEN_USERATTR, sptr); + + /* + * check if doors reallocated the memory underneath us + * if they did munmap it or suffer a memory leak + */ + if (sptr != &space.s_d) + (void) munmap((void *)sptr, ndata); +#else /* !PIC */ + resptr = _getusernam(name, &user, buf, NSS_BUFLEN_USERATTR, &err); +#endif /* PIC */ + + return (userstr2attr(resptr)); + +} + + +userattr_t * +getuseruid(uid_t u) +{ + struct passwd pwd; + char buf[NSS_BUFLEN_PASSWD]; + + if (getpwuid_r(u, &pwd, buf, NSS_BUFLEN_PASSWD) == NULL) + return ((userattr_t *)NULL); + return (getusernam(pwd.pw_name)); +} + + +void +setuserattr() +{ + _setuserattr(); +} + + +void +enduserattr() +{ + _enduserattr(); +} + + +void +free_userattr(userattr_t *user) +{ + if (user) { + free(user->name); + free(user->qualifier); + free(user->res1); + free(user->res2); + _kva_free(user->attr); + free(user); + } +} + + +static userattr_t * +userstr2attr(userstr_t *user) +{ + userattr_t *newuser; + + if (user == NULL) + return ((userattr_t *)NULL); + + if ((newuser = (userattr_t *)malloc(sizeof (userattr_t))) == NULL) + return ((userattr_t *)NULL); + + newuser->name = _do_unescape(user->name); + newuser->qualifier = _do_unescape(user->qualifier); + newuser->res1 = _do_unescape(user->res1); + newuser->res2 = _do_unescape(user->res2); + newuser->attr = _str2kva(user->attr, KV_ASSIGN, KV_DELIMITER); + return (newuser); +} + + +static userstr_t * +process_getuser( + userstr_t *result, + char *buffer, + int buflen, + nsc_data_t *sptr) +{ + char *fixed; +#ifdef _LP64 + userstr_t user64; + + fixed = (char *)(((uintptr_t)buffer + 7) & ~7); +#else + fixed = (char *)(((uintptr_t)buffer + 3) & ~3); +#endif + buflen -= fixed - buffer; + buffer = fixed; + + if (sptr->nsc_ret.nsc_return_code != SUCCESS) + return ((userstr_t *)NULL); + +#ifdef _LP64 + if (sptr->nsc_ret.nsc_bufferbytesused - (int)sizeof (userstr32_t) + > buflen) +#else + if (sptr->nsc_ret.nsc_bufferbytesused - (int)sizeof (userstr_t) + > buflen) +#endif + { + errno = ERANGE; + return ((userstr_t *)NULL); + } + +#ifdef _LP64 + (void) memcpy(buffer, (sptr->nsc_ret.nsc_u.buff + sizeof (userstr32_t)), + (sptr->nsc_ret.nsc_bufferbytesused - sizeof (userstr32_t))); + user64.name = (char *)(sptr->nsc_ret.nsc_u.user.name + + (uintptr_t)buffer); + user64.qualifier = (char *)(sptr->nsc_ret.nsc_u.user.qualifier + + (uintptr_t)buffer); + user64.res1 = (char *)(sptr->nsc_ret.nsc_u.user.res1 + + (uintptr_t)buffer); + user64.res2 = (char *)(sptr->nsc_ret.nsc_u.user.res2 + + (uintptr_t)buffer); + user64.attr = (char *)(sptr->nsc_ret.nsc_u.user.attr + + (uintptr_t)buffer); + *result = user64; +#else + sptr->nsc_ret.nsc_u.user.name += (uintptr_t)buffer; + sptr->nsc_ret.nsc_u.user.qualifier += (uintptr_t)buffer; + sptr->nsc_ret.nsc_u.user.res1 += (uintptr_t)buffer; + sptr->nsc_ret.nsc_u.user.res2 += (uintptr_t)buffer; + sptr->nsc_ret.nsc_u.user.attr += (uintptr_t)buffer; + *result = sptr->nsc_ret.nsc_u.user; + (void) memcpy(buffer, (sptr->nsc_ret.nsc_u.buff + sizeof (userstr_t)), + (sptr->nsc_ret.nsc_bufferbytesused - sizeof (userstr_t))); +#endif + return (result); +} + + +#ifdef DEBUG +void +print_userattr(userattr_t *user) +{ + extern void print_kva(kva_t *); + char *empty = "empty"; + + if (user == NULL) { + printf("NULL\n"); + return; + } + + printf("name=%s\n", user->name ? user->name : empty); + printf("qualifier=%s\n", user->qualifier ? user->qualifier : empty); + printf("res1=%s\n", user->res1 ? user->res1 : empty); + printf("res2=%s\n", user->res2 ? user->res2 : empty); + printf("attr=\n"); + print_kva(user->attr); + fflush(stdout); +} +#endif /* DEBUG */ diff --git a/usr/src/lib/libsecdb/common/llib-lsecdb b/usr/src/lib/libsecdb/common/llib-lsecdb new file mode 100644 index 0000000000..4e32c65c2e --- /dev/null +++ b/usr/src/lib/libsecdb/common/llib-lsecdb @@ -0,0 +1,36 @@ +/* + * CDDL HEADER START + * + * The contents of this file are subject to the terms of the + * Common Development and Distribution License, Version 1.0 only + * (the "License"). You may not use this file except in compliance + * with the License. + * + * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + * or http://www.opensolaris.org/os/licensing. + * See the License for the specific language governing permissions + * and limitations under the License. + * + * When distributing Covered Code, include this CDDL HEADER in each + * file and include the License file at usr/src/OPENSOLARIS.LICENSE. + * If applicable, add the following below this CDDL HEADER, with the + * fields enclosed by brackets "[]" replaced with your own identifying + * information: Portions Copyright [yyyy] [name of copyright owner] + * + * CDDL HEADER END + */ +/* + * Copyright (c) 1999, 2001 by Sun Microsystems, Inc. + * All rights reserved. + */ + +#pragma ident "%Z%%M% %I% %E% SMI" + +/* LINTLIBRARY */ +/* PROTOLIB1 */ + +#include <auth_attr.h> +#include <exec_attr.h> +#include <prof_attr.h> +#include <user_attr.h> +#include <secdb.h> diff --git a/usr/src/lib/libsecdb/common/secdb.c b/usr/src/lib/libsecdb/common/secdb.c new file mode 100644 index 0000000000..8d2b00829a --- /dev/null +++ b/usr/src/lib/libsecdb/common/secdb.c @@ -0,0 +1,390 @@ +/* + * CDDL HEADER START + * + * The contents of this file are subject to the terms of the + * Common Development and Distribution License, Version 1.0 only + * (the "License"). You may not use this file except in compliance + * with the License. + * + * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + * or http://www.opensolaris.org/os/licensing. + * See the License for the specific language governing permissions + * and limitations under the License. + * + * When distributing Covered Code, include this CDDL HEADER in each + * file and include the License file at usr/src/OPENSOLARIS.LICENSE. + * If applicable, add the following below this CDDL HEADER, with the + * fields enclosed by brackets "[]" replaced with your own identifying + * information: Portions Copyright [yyyy] [name of copyright owner] + * + * CDDL HEADER END + */ +/* + * Copyright 2005 Sun Microsystems, Inc. All rights reserved. + * Use is subject to license terms. + */ + +#pragma ident "%Z%%M% %I% %E% SMI" + +#include <stdio.h> +#include <stdlib.h> +#include <strings.h> +#include <secdb.h> +#include <ctype.h> + +/* From libnsl */ +extern char *_strdup_null(char *); +extern char *_strtok_escape(char *, char *, char **); +extern char *_strpbrk_escape(char *, char *); +extern char *_unescape(char *, char *); + +char *_do_unescape(char *); + + +/* + * kva_match(): Given a key-value array and a key, return a pointer to the + * value that matches the key. + */ +char * +kva_match(kva_t *kva, char *key) +{ + int i; + kv_t *data; + + if (kva == NULL || key == NULL) { + return ((char *)NULL); + } + data = kva->data; + for (i = 0; i < kva->length; i++) { + if (strcmp(data[i].key, key) == 0) { + return (data[i].value); + } + } + + return ((char *)NULL); +} + +/* + * _kva_free(): Free up memory. + */ +void +_kva_free(kva_t *kva) +{ + int i; + kv_t *data; + + if (kva == NULL) { + return; + } + data = kva->data; + for (i = 0; i < kva->length; i++) { + if (data[i].key != NULL) { + free(data[i].key); + data[i].key = NULL; + } + if (data[i].value != NULL) { + free(data[i].value); + data[i].value = NULL; + } + } + free(kva->data); + free(kva); +} + +/* + * new_kva(): Allocate a key-value array. + */ +kva_t * +_new_kva(int size) +{ + kva_t *new_kva; + + if ((new_kva = (kva_t *)calloc(1, sizeof (kva_t))) == NULL) { + return ((kva_t *)NULL); + } + if ((new_kva->data = (kv_t *)calloc(1, (size*sizeof (kv_t)))) == NULL) { + free(new_kva); + return ((kva_t *)NULL); + } + + return (new_kva); +} + +/* + * _str2kva(): Given a string (s) of key-value pairs, separated by delimeter + * (del), place the values into the key value array (nkva). + */ +kva_t * +_str2kva(char *s, char *ass, char *del) +{ + int n = 0; + int m; + int size = KV_ADD_KEYS; + char *buf; + char *p; + char *pair; + char *key; + char *last_pair; + char *last_key; + kv_t *data; + kva_t *nkva; + + if (s == NULL || + ass == NULL || + del == NULL || + *s == '\0' || + *s == '\n' || + (strlen(s) <= 1)) { + return ((kva_t *)NULL); + } + p = s; + while ((p = _strpbrk_escape(p, ass)) != NULL) { + n++; + p++; + } + if (n > size) { + m = n/size; + if (n%size) { + ++m; + } + size = m * KV_ADD_KEYS; + } + if ((nkva = _new_kva(size)) == NULL) { + return ((kva_t *)NULL); + } + data = nkva->data; + nkva->length = 0; + if ((buf = strdup(s)) == NULL) { + return ((kva_t *)NULL); + } + pair = _strtok_escape(buf, del, &last_pair); + do { + key = _strtok_escape(pair, ass, &last_key); + if (key != NULL) { + data[nkva->length].key = _do_unescape(key); + data[nkva->length].value = _do_unescape(last_key); + nkva->length++; + } + } while ((pair = _strtok_escape(NULL, del, &last_pair)) != NULL); + free(buf); + return (nkva); +} + +/* + * _kva2str(): Given an array of key-value pairs, place them into a string + * (buf). Use delimeter (del) to separate pairs. Use assignment character + * (ass) to separate keys and values. + * + * Return Values: 0 Success 1 Buffer too small 2 Out of memory + */ +int +_kva2str(kva_t *kva, char *buf, int buflen, char *ass, char *del) +{ + int i; + int length = 0; + char *tmp; + kv_t *data; + + if (kva == NULL) { + return (0); + } + data = kva->data; + for (i = 0; i < kva->length; i++) { + if (data[i].value != NULL) { + length += 2 + strlen(data[i].value); + } + } + if (length > buflen) { + return (1); + } + (void) memset(buf, 0, buflen); + if ((tmp = (char *)malloc(buflen)) == NULL) { + return (2); + } + for (i = 0; i < kva->length; i++) { + if (data[i].value != NULL) { + if (snprintf(tmp, buflen, "%s%s%s%s", + data[i].key, ass, data[i].value, del) >= buflen) { + return (0); + } + (void) strcat(buf, tmp); + } + } + return (0); +} + +int +_insert2kva(kva_t *kva, char *key, char *value) +{ + int i; + kv_t *data; + + if (kva == NULL) { + return (0); + } + data = kva->data; + for (i = 0; i < kva->length; i++) { + if (strcmp(data[i].key, key) == 0) { + if (data[i].value != NULL) + free(data[i].value); + data[i].value = _strdup_null(value); + return (0); + } + } + return (1); +} + +kva_t * +_kva_dup(kva_t *old_kva) +{ + int i; + int size; + kv_t *old_data; + kv_t *new_data; + kva_t *nkva = (kva_t *)NULL; + + if (old_kva == NULL) { + return ((kva_t *)NULL); + } + old_data = old_kva->data; + size = old_kva->length; + if ((nkva = _new_kva(size)) == NULL) { + return ((kva_t *)NULL); + } + new_data = nkva->data; + nkva->length = old_kva->length; + for (i = 0; i <= nkva->length; i++) { + new_data[i].key = _strdup_null(old_data[i].key); + new_data[i].value = _strdup_null(old_data[i].value); + } + + return (nkva); +} + +static void +strip_spaces(char **valuep) +{ + char *p, *start; + + /* Find first non-white space character and return pointer to it */ + for (p = *valuep; *p != '\0' && isspace((unsigned char)*p); p++) + ; + + *valuep = start = p; + + if (*p == '\0') + return; + + p = p + strlen(p) - 1; + + /* Remove trailing spaces */ + while (p > start && isspace((unsigned char)*p)) + p--; + + p[1] = '\0'; +} + +char * +_do_unescape(char *src) +{ + char *tmp = NULL; + char *dst = NULL; + + if (src == NULL) { + dst = _strdup_null(src); + } else { + strip_spaces(&src); + tmp = _unescape(src, "=;:,\\"); + dst = (tmp == NULL) ? _strdup_null(src) : tmp; + } + + return (dst); +} + + +/* + * Some utilities for handling comma-separated lists. + */ +char * +_argv_to_csl(char **strings) +{ + int len = 0; + int i = 0; + char *newstr = (char *)NULL; + + if (strings == NULL) + return ((char *)NULL); + for (i = 0; strings[i] != NULL; i++) { + len += strlen(strings[i]) + 1; + } + if ((newstr = (char *)malloc(len + 1)) == NULL) { + return ((char *)NULL); + } + (void) memset(newstr, 0, len); + for (i = 0; strings[i] != NULL; i++) { + (void) strcat(newstr, strings[i]); + (void) strcat(newstr, ","); + } + newstr[len-1] = NULL; + return (newstr); +} + + +char ** +_csl_to_argv(char *csl) +{ + int len = 0; + int ncommas = 0; + int i = 0; + char **spc = (char **)NULL; + char *copy = (char *)NULL; + char *pc; + char *lasts = (char *)NULL; + + len = strlen(csl); + for (i = 0; i < len; i++) { + if (csl[i] == ',') + ncommas++; + } + if ((spc = (char **)malloc((ncommas + 2) * sizeof (char *))) == NULL) { + return ((char **)NULL); + } + copy = strdup(csl); + for (pc = strtok_r(copy, ",", &lasts), i = 0; pc != NULL; + pc = strtok_r(NULL, ",", &lasts), i++) { + spc[i] = strdup(pc); + } + spc[i] = NULL; + free(copy); + return (spc); +} + + +void +_free_argv(char **p_argv) +{ + char **p_a; + + for (p_a = p_argv; *p_a != NULL; p_a++) + free(*p_a); + free(p_argv); +} + + +#ifdef DEBUG +void +print_kva(kva_t *kva) +{ + int i; + kv_t *data; + + if (kva == NULL) { + printf(" (empty)\n"); + return; + } + data = kva->data; + for (i = 0; i < kva->length; i++) { + printf(" %s = %s\n", data[i].key, data[i].value); + } +} +#endif /* DEBUG */ diff --git a/usr/src/lib/libsecdb/exec_attr.txt b/usr/src/lib/libsecdb/exec_attr.txt new file mode 100644 index 0000000000..36eaaabd01 --- /dev/null +++ b/usr/src/lib/libsecdb/exec_attr.txt @@ -0,0 +1,296 @@ +# +# Copyright 2005 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# /etc/security/exec_attr +# +# execution attributes for profiles. see exec_attr(4) +# +#ident "%Z%%M% %I% %E% SMI" +# +# +All:suser:cmd:::*: +Audit Control:suser:cmd:::/etc/security/bsmconv:uid=0 +Audit Control:suser:cmd:::/etc/security/bsmunconv:uid=0 +Audit Control:suser:cmd:::/usr/sbin/audit:euid=0 +Audit Control:suser:cmd:::/usr/sbin/auditconfig:euid=0 +Audit Control:suser:cmd:::/usr/sbin/auditd:uid=0 +Audit Review:suser:cmd:::/usr/sbin/auditreduce:euid=0 +Audit Review:suser:cmd:::/usr/sbin/auditstat:euid=0 +Audit Review:suser:cmd:::/usr/sbin/praudit:euid=0 +Contract Observer:solaris:cmd:::/usr/bin/ctwatch:\ + privs=contract_event,contract_observer +Cron Management:suser:cmd:::/usr/bin/crontab:euid=0 +Crypto Management:suser:cmd:::/usr/sbin/cryptoadm:euid=0 +Crypto Management:suser:cmd:::/usr/sfw/bin/openssl:euid=0 +Crypto Management:suser:cmd:::/usr/sfw/bin/CA.pl:euid=0 +DHCP Management:suser:cmd:::/usr/lib/inet/dhcp/svcadm/dhcpconfig:uid=0 +DHCP Management:suser:cmd:::/usr/lib/inet/dhcp/svcadm/dhtadm:uid=0 +DHCP Management:suser:cmd:::/usr/lib/inet/dhcp/svcadm/pntadm:uid=0 +Device Management:suser:cmd:::/usr/sbin/allocate:uid=0 +Device Management:suser:cmd:::/usr/sbin/add_drv:uid=0 +Device Management:suser:cmd:::/usr/sbin/deallocate:uid=0 +Device Management:suser:cmd:::/usr/sbin/rem_drv:uid=0 +Device Management:suser:cmd:::/usr/sbin/update_drv:uid=0 +Device Security:suser:cmd:::/usr/sbin/add_drv:uid=0 +Device Security:suser:cmd:::/usr/sbin/devfsadm:uid=0 +Device Security:suser:cmd:::/usr/sbin/eeprom:uid=0 +Device Security:solaris:cmd:::/usr/bin/kbd:uid=0;gid=sys +Device Security:suser:cmd:::/usr/sbin/list_devices:euid=0 +Device Security:suser:cmd:::/usr/sbin/rem_drv:uid=0 +Device Security:suser:cmd:::/usr/sbin/strace:euid=0 +Device Security:suser:cmd:::/usr/sbin/update_drv:uid=0 +FTP Management:suser:cmd:::/usr/sbin/ftpaddhost:uid=0 +FTP Management:suser:cmd:::/usr/sbin/ftpconfig:uid=0 +FTP Management:suser:cmd:::/usr/sbin/ftprestart:euid=0 +FTP Management:suser:cmd:::/usr/sbin/ftpshut:euid=0;egid=sys +FTP Management:suser:cmd:::/usr/sbin/privatepw:uid=0;egid=sys +File System Management:solaris:cmd:::/sbin/mount:privs=sys_mount +File System Management:solaris:cmd:::/sbin/umount:privs=sys_mount +File System Management:suser:cmd:::/usr/bin/eject:euid=0 +File System Management:suser:cmd:::/usr/bin/mkdir:euid=0 +File System Management:suser:cmd:::/usr/bin/rmdir:euid=0 +File System Management:suser:cmd:::/usr/lib/autofs/automountd:euid=0 +File System Management:suser:cmd:::/usr/lib/fs/autofs/automount:euid=0 +File System Management:suser:cmd:::/usr/lib/fs/nfs/showmount:euid=0 +File System Management:suser:cmd:::/usr/lib/fs/ufs/fsirand:euid=0 +File System Management:suser:cmd:::/usr/lib/fs/ufs/newfs:euid=0 +File System Management:suser:cmd:::/usr/lib/fs/ufs/tunefs:uid=0 +File System Management:suser:cmd:::/usr/sbin/clri:euid=0 +File System Management:suser:cmd:::/usr/sbin/devinfo:euid=0 +File System Management:suser:cmd:::/usr/sbin/dfmounts:euid=0 +File System Management:suser:cmd:::/usr/sbin/dfshares:euid=0 +File System Management:suser:cmd:::/usr/sbin/ff:euid=0 +File System Management:suser:cmd:::/usr/sbin/format:euid=0 +File System Management:suser:cmd:::/usr/sbin/fsck:euid=0 +File System Management:suser:cmd:::/usr/sbin/fsdb:euid=0 +File System Management:suser:cmd:::/usr/sbin/fstyp:euid=0 +File System Management:suser:cmd:::/usr/sbin/fuser:euid=0 +File System Management:suser:cmd:::/usr/sbin/mkfile:euid=0 +File System Management:suser:cmd:::/usr/sbin/mkfs:euid=0 +File System Management:suser:cmd:::/usr/sbin/mount:uid=0 +File System Management:suser:cmd:::/usr/sbin/mountall:uid=0 +File System Management:solaris:cmd:::/usr/sbin/quotacheck:uid=0;gid=sys +File System Management:solaris:cmd:::/usr/sbin/quotaoff:uid=0;gid=sys +File System Management:solaris:cmd:::/usr/sbin/quotaon:uid=0;gid=sys +File System Management:suser:cmd:::/usr/sbin/ramdiskadm:euid=0 +File System Management:suser:cmd:::/usr/sbin/share:uid=0;gid=root +File System Management:suser:cmd:::/usr/sbin/shareall:uid=0;gid=root +File System Management:suser:cmd:::/usr/sbin/swap:euid=0 +File System Management:suser:cmd:::/usr/sbin/umount:uid=0 +File System Management:suser:cmd:::/usr/sbin/umountall:uid=0 +File System Management:suser:cmd:::/usr/sbin/unshare:uid=0;gid=root +File System Management:suser:cmd:::/usr/sbin/unshareall:uid=0;gid=root +IP Filter Management:solaris:cmd:::/usr/sbin/ipf:privs=sys_net_config +IP Filter Management:solaris:cmd:::/usr/sbin/ipfs:privs=sys_net_config +IP Filter Management:solaris:cmd:::/usr/sbin/ipmon:privs=sys_net_config +IP Filter Management:solaris:cmd:::/usr/sbin/ipfstat:privs=sys_net_config;gid=sys +IP Filter Management:solaris:cmd:::/usr/sbin/ipnat:privs=sys_net_config;gid=sys +IP Filter Management:solaris:cmd:::/usr/sbin/ippool:privs=sys_net_config;gid=sys +IP Filter Management:solaris:cmd:::/usr/sbin/pfild:uid=0 +Kerberos Server Management:solaris:cmd:::/usr/lib/krb5/krb5kdc:uid=0 +Kerberos Server Management:solaris:cmd:::/usr/lib/krb5/kadmind:uid=0 +Kerberos Server Management:solaris:cmd:::/usr/lib/krb5/kprop:euid=0;privs=none +Kerberos Server Management:solaris:cmd:::/usr/sbin/kadmin.local:euid=0;privs=none +Kerberos Server Management:solaris:cmd:::/usr/sbin/kdb5_util:euid=0;privs=none +Kerberos Client Management:solaris:cmd:::/usr/bin/klist:euid=0;privs=file_dac_read +Kerberos Client Management:solaris:cmd:::/usr/sbin/kadmin:euid=0;privs=none +Kerberos Client Management:solaris:cmd:::/usr/sbin/kclient:euid=0;privs=none +Log Management:suser:cmd:::/usr/sbin/logadm:euid=0 +Mail Management:suser:cmd:::/usr/lib/sendmail:uid=0 +Mail Management:suser:cmd:::/usr/sbin/editmap:euid=0 +Mail Management:suser:cmd:::/usr/sbin/makemap:euid=0 +Mail Management:suser:cmd:::/usr/sbin/newaliases:euid=0 +Maintenance and Repair:solaris:cmd:::/usr/bin/mdb:privs=all +Maintenance and Repair:suser:cmd:::/usr/bin/mdb:euid=0 +Maintenance and Repair:solaris:cmd:::/usr/bin/coreadm:euid=0;\ + privs=sys_config,proc_owner +Maintenance and Repair:suser:cmd:::/usr/bin/date:euid=0 +Maintenance and Repair:suser:cmd:::/usr/bin/ldd:euid=0 +Maintenance and Repair:suser:cmd:::/usr/bin/vmstat:euid=0 +Maintenance and Repair:suser:cmd:::/usr/sbin/eeprom:euid=0 +Maintenance and Repair:suser:cmd:::/usr/sbin/halt:euid=0 +Maintenance and Repair:suser:cmd:::/sbin/init:euid=0 +Maintenance and Repair:suser:cmd:::/usr/sbin/poweroff:uid=0 +Maintenance and Repair:suser:cmd:::/usr/sbin/prtconf:euid=0 +Maintenance and Repair:suser:cmd:::/usr/sbin/reboot:uid=0 +Maintenance and Repair:suser:cmd:::/usr/sbin/syslogd:euid=0 +Media Backup:suser:cmd:::/usr/bin/mt:euid=0 +Media Backup:suser:cmd:::/usr/lib/fs/ufs/ufsdump:euid=0;gid=sys +Media Backup:suser:cmd:::/usr/sbin/tar:euid=0 +Media Restore:suser:cmd:::/usr/bin/cpio:euid=0 +Media Restore:suser:cmd:::/usr/bin/mt:euid=0 +Media Restore:suser:cmd:::/usr/lib/fs/ufs/ufsrestore:euid=0 +Media Restore:suser:cmd:::/usr/sbin/tar:euid=0 +Name Service Management:suser:cmd:::/usr/bin/nischttl:euid=0 +Name Service Management:suser:cmd:::/usr/bin/nisln:euid=0 +Name Service Management:suser:cmd:::/usr/lib/nis/nisctl:euid=0 +Name Service Management:suser:cmd:::/usr/lib/nis/nisping:euid=0 +Name Service Management:suser:cmd:::/usr/lib/nis/nisshowcache:euid=0 +Name Service Management:suser:cmd:::/usr/lib/nis/nisstat:euid=0 +Name Service Management:suser:cmd:::/usr/sbin/nscd:euid=0 +Name Service Security:suser:cmd:::/usr/bin/chkey:euid=0 +Name Service Security:suser:cmd:::/usr/bin/nisaddcred:euid=0 +Name Service Security:suser:cmd:::/usr/bin/nischgrp:euid=0 +Name Service Security:suser:cmd:::/usr/bin/nischmod:euid=0 +Name Service Security:suser:cmd:::/usr/bin/nischown:euid=0 +Name Service Security:suser:cmd:::/usr/bin/nisgrpadm:euid=0 +Name Service Security:suser:cmd:::/usr/bin/nismkdir:euid=0 +Name Service Security:suser:cmd:::/usr/bin/nispasswd:euid=0 +Name Service Security:suser:cmd:::/usr/bin/nisrm:euid=0 +Name Service Security:suser:cmd:::/usr/bin/nisrmdir:euid=0 +Name Service Security:suser:cmd:::/usr/bin/nistbladm:euid=0 +Name Service Security:suser:cmd:::/usr/lib/nis/nisaddent:euid=0 +Name Service Security:suser:cmd:::/usr/lib/nis/nisclient:uid=0 +Name Service Security:suser:cmd:::/usr/lib/nis/nispopulate:euid=0 +Name Service Security:suser:cmd:::/usr/lib/nis/nisserver:uid=0 +Name Service Security:suser:cmd:::/usr/lib/nis/nissetup:euid=0 +Name Service Security:suser:cmd:::/usr/lib/nis/nisupdkeys:euid=0 +Name Service Security:suser:cmd:::/usr/sbin/ldapclient:uid=0 +Name Service Security:suser:cmd:::/usr/sbin/newkey:euid=0 +Name Service Security:suser:cmd:::/usr/sbin/nisinit:euid=0 +Name Service Security:suser:cmd:::/usr/sbin/nislog:euid=0 +Name Service Security:suser:cmd:::/usr/sbin/rpc.nisd:uid=0;gid=0 +Network Management:solaris:cmd:::/sbin/ifconfig:uid=0 +Network Management:solaris:cmd:::/sbin/route:privs=sys_net_config +Network Management:solaris:cmd:::/sbin/routeadm:euid=0;\ + privs=proc_chroot,proc_owner,sys_net_config +Network Management:solaris:cmd:::/sbin/dladm:privs=sys_net_config +Network Management:suser:cmd:::/usr/bin/netstat:uid=0 +Network Management:suser:cmd:::/usr/bin/rup:euid=0 +Network Management:suser:cmd:::/usr/bin/ruptime:euid=0 +Network Management:suser:cmd:::/usr/bin/setuname:euid=0 +Network Management:suser:cmd:::/usr/sbin/asppp2pppd:euid=0 +Network Management:suser:cmd:::/usr/sbin/ifconfig:uid=0 +Network Management:suser:cmd:::/usr/sbin/ipaddrsel:euid=0 +Network Management:suser:cmd:::/usr/sbin/ipqosconf:euid=0 +Network Management:suser:cmd:::/usr/sbin/rndc:privs=file_dac_read +Network Management:suser:cmd:::/usr/sbin/route:uid=0 +Network Management:suser:cmd:::/usr/sbin/snoop:uid=0 +Network Management:suser:cmd:::/usr/sbin/spray:euid=0 +Network Security:solaris:cmd:::/usr/lib/inet/certdb:privs=sys_net_config +Network Security:solaris:cmd:::/usr/lib/inet/certlocal:privs=sys_net_config +Network Security:solaris:cmd:::/usr/lib/inet/certrldb:privs=sys_net_config +Network Security:solaris:cmd:::/usr/lib/inet/in.iked:privs=sys_net_config,net_privaddr +Network Security:solaris:cmd:::/usr/sbin/ikeadm:privs=sys_net_config +Network Security:solaris:cmd:::/usr/sbin/ikecert:privs=sys_net_config +Network Security:solaris:cmd:::/usr/sbin/ipsecconf:privs=sys_net_config +Network Security:solaris:cmd:::/usr/sbin/ipseckey:privs=sys_net_config +Network Security:solaris:cmd:::/usr/sbin/ipsecalgs:privs=sys_net_config +Network Security:suser:cmd:::/usr/bin/ssh-keygen:uid=0;gid=sys +Network Security:suser:cmd:::/usr/lib/inet/certdb:euid=0 +Network Security:suser:cmd:::/usr/lib/inet/certlocal:euid=0 +Network Security:suser:cmd:::/usr/lib/inet/certrldb:euid=0 +Network Security:suser:cmd:::/usr/lib/inet/in.iked:uid=0 +Network Security:suser:cmd:::/usr/sbin/ikeadm:euid=0 +Network Security:suser:cmd:::/usr/sbin/ikecert:euid=0 +Network Security:suser:cmd:::/usr/sbin/ipsecconf:euid=0 +Network Security:suser:cmd:::/usr/sbin/ipseckey:euid=0 +Network Security:suser:cmd:::/usr/sbin/ipsecalgs:euid=0 +Object Access Management:solaris:cmd:::/usr/bin/chgrp:privs=file_chown +Object Access Management:solaris:cmd:::/usr/bin/chmod:privs=file_owner +Object Access Management:solaris:cmd:::/usr/bin/chown:privs=file_chown +Object Access Management:solaris:cmd:::/usr/bin/setfacl:privs=file_owner +Object Access Management:suser:cmd:::/usr/bin/chgrp:euid=0 +Object Access Management:suser:cmd:::/usr/bin/chmod:euid=0 +Object Access Management:suser:cmd:::/usr/bin/chown:euid=0 +Object Access Management:suser:cmd:::/usr/bin/getfacl:euid=0 +Object Access Management:suser:cmd:::/usr/bin/setfacl:euid=0 +Printer Management:suser:cmd:::/usr/bin/cancel:euid=lp;uid=lp +Printer Management:suser:cmd:::/usr/bin/lpset:egid=14 +Printer Management:suser:cmd:::/usr/bin/lpstat:euid=0 +Printer Management:suser:cmd:::/usr/lib/lp/local/accept:uid=lp +Printer Management:suser:cmd:::/usr/lib/lp/local/lpadmin:uid=lp;gid=8 +Printer Management:suser:cmd:::/usr/lib/lp/lpsched:uid=0 +Printer Management:suser:cmd:::/usr/sbin/accept:euid=lp;uid=lp +Printer Management:suser:cmd:::/usr/sbin/lpadmin:egid=14;uid=lp;gid=8 +Printer Management:suser:cmd:::/usr/sbin/lpfilter:euid=lp;uid=lp +Printer Management:suser:cmd:::/usr/sbin/lpforms:euid=lp +Printer Management:suser:cmd:::/usr/sbin/lpmove:euid=lp +Printer Management:suser:cmd:::/usr/sbin/lpshut:euid=lp +Printer Management:suser:cmd:::/usr/sbin/lpusers:euid=lp +Printer Management:suser:cmd:::/usr/ucb/lpq:euid=0 +Printer Management:suser:cmd:::/usr/ucb/lprm:euid=0 +Process Management:solaris:cmd:::/usr/bin/kill:privs=proc_owner +Process Management:solaris:cmd:::/usr/bin/nice:privs=proc_owner,proc_priocntl +Process Management:solaris:cmd:::/usr/bin/pcred:privs=proc_owner +Process Management:solaris:cmd:::/usr/bin/pfiles:privs=proc_owner +Process Management:solaris:cmd:::/usr/bin/pflags:privs=proc_owner +Process Management:solaris:cmd:::/usr/bin/ppriv:privs=proc_owner +Process Management:solaris:cmd:::/usr/bin/renice:privs=proc_owner,proc_priocntl +Process Management:suser:cmd:::/usr/bin/crontab:euid=0 +Process Management:suser:cmd:::/usr/bin/kill:euid=0 +Process Management:suser:cmd:::/usr/bin/nice:euid=0 +Process Management:suser:cmd:::/usr/bin/pcred:euid=0 +Process Management:suser:cmd:::/usr/bin/pfiles:euid=0 +Process Management:suser:cmd:::/usr/bin/pflags:euid=0 +Process Management:suser:cmd:::/usr/bin/pldd:euid=0 +Process Management:suser:cmd:::/usr/bin/pmap:euid=0 +Process Management:suser:cmd:::/usr/bin/prun:euid=0 +Process Management:suser:cmd:::/usr/bin/ps:euid=0 +Process Management:suser:cmd:::/usr/bin/psig:euid=0 +Process Management:suser:cmd:::/usr/bin/pstack:euid=0 +Process Management:suser:cmd:::/usr/bin/pstop:euid=0 +Process Management:suser:cmd:::/usr/bin/ptime:euid=0 +Process Management:suser:cmd:::/usr/bin/ptree:euid=0 +Process Management:suser:cmd:::/usr/bin/pwait:euid=0 +Process Management:suser:cmd:::/usr/bin/pwdx:euid=0 +Process Management:suser:cmd:::/usr/bin/renice:euid=0 +Process Management:suser:cmd:::/usr/bin/truss:euid=0 +Process Management:suser:cmd:::/usr/sbin/fuser:euid=0 +Process Management:solaris:cmd:::/usr/sbin/rcapadm:uid=0 +Project Management:solaris:cmd:::/usr/sbin/projadd:euid=0 +Project Management:solaris:cmd:::/usr/sbin/projmod:euid=0 +Project Management:solaris:cmd:::/usr/sbin/projdel:euid=0 +Software Installation:suser:cmd:::/usr/bin/ln:euid=0 +Software Installation:suser:cmd:::/usr/bin/pkginfo:uid=0 +Software Installation:suser:cmd:::/usr/bin/pkgmk:uid=0 +Software Installation:suser:cmd:::/usr/bin/pkgparam:uid=0 +Software Installation:suser:cmd:::/usr/bin/pkgproto:uid=0 +Software Installation:suser:cmd:::/usr/bin/pkgtrans:uid=0 +Software Installation:suser:cmd:::/usr/ccs/bin/make:euid=0 +Software Installation:suser:cmd:::/usr/sbin/install:euid=0 +Software Installation:suser:cmd:::/usr/sbin/pkgadd:uid=0;gid=bin +Software Installation:suser:cmd:::/usr/sbin/pkgask:uid=0 +Software Installation:suser:cmd:::/usr/sbin/pkgchk:uid=0 +Software Installation:suser:cmd:::/usr/sbin/pkgrm:uid=0;gid=bin +System Event Management:suser:cmd:::/usr/sbin/syseventadm:uid=0 +User Management:suser:cmd:::/usr/sbin/grpck:euid=0 +User Management:suser:cmd:::/usr/sbin/pwck:euid=0 +User Management:solaris:cmd:::/usr/sbin/useradd:euid=0 +User Management:solaris:cmd:::/usr/sbin/userdel:euid=0 +User Management:solaris:cmd:::/usr/sbin/usermod:euid=0 +User Management:solaris:cmd:::/usr/sbin/roleadd:euid=0 +User Management:solaris:cmd:::/usr/sbin/roledel:euid=0 +User Management:solaris:cmd:::/usr/sbin/rolemod:euid=0 +User Management:solaris:cmd:::/usr/sbin/groupadd:uid=0 +User Management:solaris:cmd:::/usr/sbin/groupdel:uid=0 +User Management:solaris:cmd:::/usr/sbin/groupmod:uid=0 +User Security:suser:cmd:::/usr/bin/passwd:uid=0 +User Security:solaris:cmd:::/usr/sbin/passmgmt:uid=0 +User Security:suser:cmd:::/usr/sbin/pwck:euid=0 +User Security:suser:cmd:::/usr/sbin/pwconv:euid=0 +DAT Administration:solaris:cmd:::/usr/sbin/datadm:euid=0 +Zone Management:solaris:cmd:::/usr/sbin/zonecfg:uid=0 +Zone Management:solaris:cmd:::/usr/sbin/zoneadm:uid=0 +Zone Management:solaris:cmd:::/usr/sbin/zlogin:uid=0 diff --git a/usr/src/lib/libsecdb/help/Makefile b/usr/src/lib/libsecdb/help/Makefile new file mode 100644 index 0000000000..17638f06f7 --- /dev/null +++ b/usr/src/lib/libsecdb/help/Makefile @@ -0,0 +1,47 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright (c) 1999 by Sun Microsystems, Inc. +# All rights reserved. +# +#ident "%Z%%M% %I% %E% SMI" +# +# lib/libsecdb/help/Makefile +# + +SUBDIRS = auths profiles + +all:= TARGET= all +clean:= TARGET= clean +clobber:= TARGET= clobber +install:= TARGET= install +lint:= TARGET= lint +_msg:= TARGET= _msg + +.KEEP_STATE: + +all clean clobber install lint _msg: $(SUBDIRS) + +$(SUBDIRS): FRC + @cd $@; pwd; $(MAKE) $(TARGET) + +FRC: diff --git a/usr/src/lib/libsecdb/help/auths/AllSolAuthsHeader.html b/usr/src/lib/libsecdb/help/auths/AllSolAuthsHeader.html new file mode 100644 index 0000000000..7fa08f2cc2 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/AllSolAuthsHeader.html @@ -0,0 +1,43 @@ +<HTML> + +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> + +<HEAD> +<!-- +META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1" +--> +<!-- +META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]" +--> +</HEAD> +<BODY> +All Solaris Authorizations includes every authorization defined in Solaris. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/AuditConfig.html b/usr/src/lib/libsecdb/help/auths/AuditConfig.html new file mode 100644 index 0000000000..f5e942fd28 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/AuditConfig.html @@ -0,0 +1,45 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> + +<HEAD> +<!-- +META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1" +--> +<!-- +META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]" +--> +</HEAD> +<BODY> +When Configure Auditing is in the Authorizations Included column, it grants the authorization to configure the auditing attributes
+for specific users, files, and machines. +<p> +If Configure Auditing is grayed, then you are not entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/AuditHeader.html b/usr/src/lib/libsecdb/help/auths/AuditHeader.html new file mode 100644 index 0000000000..7e249606ae --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/AuditHeader.html @@ -0,0 +1,37 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> + <META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]"> +--> +<BODY> +Audit Management Authorization Help +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/AuditRead.html b/usr/src/lib/libsecdb/help/auths/AuditRead.html new file mode 100644 index 0000000000..dd5aa4d1c4 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/AuditRead.html @@ -0,0 +1,43 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<HEAD> +<!-- +META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1" +--> +<!-- +META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]" +--> +</HEAD> +<BODY> +When Read Audit Trail is in the Authorizations Included column, it grants the authorization to read the audit trail. +<p> +If Read Audit Trail is grayed, then you are not entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/AuthJobsAdmin.html b/usr/src/lib/libsecdb/help/auths/AuthJobsAdmin.html new file mode 100644 index 0000000000..15325937e3 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/AuthJobsAdmin.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Manage All Jobs is in the Authorizations Included column, it grants the authorization to add, modify, or delete any job of any user, and also grants the authorization to modify cron policies, in the Job Scheduler tool of the Solaris Management Console. +<p> +If Manage All Jobs is grayed, then you are not entitled to Add or Remove this authorization. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/AuthJobsUser.html b/usr/src/lib/libsecdb/help/auths/AuthJobsUser.html new file mode 100644 index 0000000000..1808054677 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/AuthJobsUser.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Manage Owned Jobs is in the Authorizations Included column, it grants the authorization to add, modify, or delete any job owned by the current user, in the Job Scheduler tool of the Solaris Management Console. +<p> +If Manage Owned Jobs is grayed, then you are not entitled to Add or Remove this authorization. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/AuthProfmgrAssign.html b/usr/src/lib/libsecdb/help/auths/AuthProfmgrAssign.html new file mode 100644 index 0000000000..8e751f3f0c --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/AuthProfmgrAssign.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Assign All Rights is in the Authorizations Included column, it grants the authorization to assign any rights to a role in the Administrative Roles tool of the Solaris Management Console. +<p> +If Assign All Rights is grayed, then you are not entitled to Add or Remove this authorization. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/AuthProfmgrDelegate.html b/usr/src/lib/libsecdb/help/auths/AuthProfmgrDelegate.html new file mode 100644 index 0000000000..6b5d969311 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/AuthProfmgrDelegate.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Assign Owned Rights is in the Authorizations Included column, it grants the authorization to assign the current role's rights to another role, in the Administrative Roles tool of the Solaris Management Console. +<p> +If Assign Owned Rights is grayed, then you are not entitled to Add or Remove this authorization. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/AuthProfmgrExecattrWrite.html b/usr/src/lib/libsecdb/help/auths/AuthProfmgrExecattrWrite.html new file mode 100644 index 0000000000..a34664797c --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/AuthProfmgrExecattrWrite.html @@ -0,0 +1,40 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +<p> +When Manage Commands is in the Authorizations Included Column, it grants the authorization to add a command to a right, or to remove it from a right, in the Users tools of the Solaris Management Console. It also grants the authority to change the execution attributes of commands included in a right: change real and effective UIDs and GIDs. +<p> +If Manage Commands is grayed, then you are not entitled to Add or Remove this authorization. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/AuthProfmgrRead.html b/usr/src/lib/libsecdb/help/auths/AuthProfmgrRead.html new file mode 100644 index 0000000000..621981b9e8 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/AuthProfmgrRead.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When View Rights is in the Authorizations Included column, it grants the authorization to list and read rights, in the Users tools of the Solaris Management Console. +<p> +If View Rights is grayed, then you are not entitled to Add or Remove this authorization. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/AuthProfmgrWrite.html b/usr/src/lib/libsecdb/help/auths/AuthProfmgrWrite.html new file mode 100644 index 0000000000..084761b7d5 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/AuthProfmgrWrite.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Manage Rights is in the Authorizations Included column, it grants the authorization to add, modify, and delete rights in the Users tools of the Solaris Management Console. +<p> +If Manage Rights is grayed, then you are not entitled to Add or Remove this authorization. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/AuthRoleAssign.html b/usr/src/lib/libsecdb/help/auths/AuthRoleAssign.html new file mode 100644 index 0000000000..5fd3fe3667 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/AuthRoleAssign.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Assign All Roles is in the Authorizations Included column, it grants the authorizaton to assign users to any role, in the Users tools of the Solaris Management Console. +<p> +If Assign All Roles is grayed, then you are not entitled to Add or Remove this authorization. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/AuthRoleDelegate.html b/usr/src/lib/libsecdb/help/auths/AuthRoleDelegate.html new file mode 100644 index 0000000000..37fc1f5cf9 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/AuthRoleDelegate.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Assign Owned Roles is in the Authorizations Included column, it grants the authorization to assign other users to those roles already assigned to the user itself, in the Users tools of the Solaris Management Console. +<p> +If Assign Owned Roles is grayed, then you are not entitled to Add or Remove this authorization. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/AuthRoleWrite.html b/usr/src/lib/libsecdb/help/auths/AuthRoleWrite.html new file mode 100644 index 0000000000..ab94254053 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/AuthRoleWrite.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Manage Roles is in the Authorizations Included column, it grants the authorization to add, modify, or delete role accounts, in the Administrative Roles tool of the Solaris Management Console. +<p> +If Manage Roles is grayed, then you are not entitled to Add or Remove this authorization. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/BindStates.html b/usr/src/lib/libsecdb/help/auths/BindStates.html new file mode 100644 index 0000000000..486ffb0e2c --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/BindStates.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +Copyright 2004 Sun Microsystems, Inc. All rights reserved. +Use is subject to license terms. +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<BODY> +When Manage DNS Service States is in the Authorizations Include column, +it grants the authorization to temporarily enable or disable, refresh, +restart, move to another state, or bring online from a maintenance state the +DNS daemon. +<p> +If Manage DNS Service States is grayed, then you are not entitled to +Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/DevAllocHeader.html b/usr/src/lib/libsecdb/help/auths/DevAllocHeader.html new file mode 100644 index 0000000000..a104a2ea67 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/DevAllocHeader.html @@ -0,0 +1,37 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> + <META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]"> +--> +<BODY> +Device Allocation authorizations allow users access to removable media. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/DevAllocate.html b/usr/src/lib/libsecdb/help/auths/DevAllocate.html new file mode 100644 index 0000000000..c0c9596053 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/DevAllocate.html @@ -0,0 +1,43 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<HEAD> +<!-- +META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1" +--> +<!-- +META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]" +--> +</HEAD> +<BODY> +When Allocate Device is in the Authorizations Included column, it grants the authorization to Allocate and Deallocate removable media. +<p> +If Allocate Device is grayed, then you are not entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/DevCDRW.html b/usr/src/lib/libsecdb/help/auths/DevCDRW.html new file mode 100644 index 0000000000..9ecffcd774 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/DevCDRW.html @@ -0,0 +1,45 @@ +<HTML> + +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> + +<HEAD> +<!-- +META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1" +--> +<!-- +META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]" +--> +</HEAD> +<BODY> +When CD-R/RW Recording Authorizations is in the Authorizations Included column, it grants permission to write to a CD-RW device attached to the system using the cdrw(1) software. +<p> +If CD-R/RW Recording Authorizations is grayed, then you are not entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/DevConfig.html b/usr/src/lib/libsecdb/help/auths/DevConfig.html new file mode 100644 index 0000000000..9ef8e8dc9b --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/DevConfig.html @@ -0,0 +1,44 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<HEAD> +<!-- +META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1" +--> +<!-- +META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]" +--> +</HEAD> +<BODY> +When Configure Device Attributes is in the Authorizations Included column, it grants the authorization to configure the allocation attributes +for removable media. +<p> +If Configure Device Attributes is grayed, then you are not entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/DevGrant.html b/usr/src/lib/libsecdb/help/auths/DevGrant.html new file mode 100644 index 0000000000..949bec5ff6 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/DevGrant.html @@ -0,0 +1,43 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<HEAD> +<!-- +META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1" +--> +<!-- +META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]" +--> +</HEAD> +<BODY> +When Delegate Device Administration is in the Authorizations Included column, it grants a user with this authorization the ability to grant any Device Allocation authorizations that he or she has to other users. +<p> +If Delegate Device Administration is grayed, then you are not entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/DevRevoke.html b/usr/src/lib/libsecdb/help/auths/DevRevoke.html new file mode 100644 index 0000000000..49911a1ba0 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/DevRevoke.html @@ -0,0 +1,43 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<HEAD> +<!-- +META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1" +--> +<!-- +META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]" +--> +</HEAD> +<BODY> +When Revoke or Reclaim Device is in the Authorizations Included column, it grants the authorization to deallocate a currently allocated device or reset the allocate error state to make a device allocatable again. +<p> +If Revoke or Reclaim Device is grayed, then you are not entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/DhcpmgrHeader.html b/usr/src/lib/libsecdb/help/auths/DhcpmgrHeader.html new file mode 100644 index 0000000000..e33b1b1267 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/DhcpmgrHeader.html @@ -0,0 +1,37 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<HEAD> + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> + <META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]"> +</HEAD> +<BODY> +DHCP Manager authorizations allow users to configure the DHCP service. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/DhcpmgrWrite.html b/usr/src/lib/libsecdb/help/auths/DhcpmgrWrite.html new file mode 100644 index 0000000000..c7fb117f7e --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/DhcpmgrWrite.html @@ -0,0 +1,38 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<HEAD> + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> + <META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]"> +</HEAD> +<BODY> +If checked, this user can configure the DHCP service. +<BR> +</BODY> +</HTML> + diff --git a/usr/src/lib/libsecdb/help/auths/JobHeader.html b/usr/src/lib/libsecdb/help/auths/JobHeader.html new file mode 100644 index 0000000000..7a92ca40b9 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/JobHeader.html @@ -0,0 +1,38 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> + <META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]"> +--> +<BODY> +The authorizations allow access to cron and at jobs that +are run at specific times or intervals. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/JobsGrant.html b/usr/src/lib/libsecdb/help/auths/JobsGrant.html new file mode 100644 index 0000000000..8823f80f31 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/JobsGrant.html @@ -0,0 +1,43 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<HEAD> +<!-- +META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1" +--> +<!-- +META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]" +--> +</HEAD> +<BODY> +When Delegate Cron & At Administration is in the Authorizations Included column, it grants a user with this authorization the ability to grant any of the at or cron job authorizations that he or she has to other users. +<p> +If Delegate Cron & At Administration is grayed, then you are not entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/LoginEnable.html b/usr/src/lib/libsecdb/help/auths/LoginEnable.html new file mode 100644 index 0000000000..9a043aaa5e --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/LoginEnable.html @@ -0,0 +1,43 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<HEAD> +<!-- +META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1" +--> +<!-- +META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]" +--> +</HEAD> +<BODY> +When Enable Logins is in the Authorizations Included column, it grants the authorization to enable logins after a system has been rebooted. +<p> +If Enable Logins is grayed, then you are not entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/LoginHeader.html b/usr/src/lib/libsecdb/help/auths/LoginHeader.html new file mode 100644 index 0000000000..6dc26a3e09 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/LoginHeader.html @@ -0,0 +1,38 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> + <META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]"> +--> +<BODY> +The authorizations specify the conditions under which a +user may log into a system. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/LoginRemote.html b/usr/src/lib/libsecdb/help/auths/LoginRemote.html new file mode 100644 index 0000000000..cb91487098 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/LoginRemote.html @@ -0,0 +1,43 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<HEAD> +<!-- +META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1" +--> +<!-- +META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]" +--> +</HEAD> +<BODY> +When Remote Login is in the Authorizations Included column, it grants the authorization to log into a remote system that requires a password for authentication. +<p> +If Remote Login is grayed, then you are not entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/MailHeader.html b/usr/src/lib/libsecdb/help/auths/MailHeader.html new file mode 100644 index 0000000000..83340cdc6c --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/MailHeader.html @@ -0,0 +1,36 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> +--> +<BODY> +These authorizations allow access to mail subsystem functions. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/MailQueue.html b/usr/src/lib/libsecdb/help/auths/MailQueue.html new file mode 100644 index 0000000000..18876bee98 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/MailQueue.html @@ -0,0 +1,40 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<HEAD> +<!-- +META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1" +--> +</HEAD> +<BODY> +When Mail Queue is in the Authorizations Included column, it grants the authorization to view the mail queue. +<p> +If Mail Queue is grayed, then you are not entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/Makefile b/usr/src/lib/libsecdb/help/auths/Makefile new file mode 100644 index 0000000000..8cc71d7ee1 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/Makefile @@ -0,0 +1,118 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +#ident "%Z%%M% %I% %E% SMI" +# +# lib/libsecdb/help/auths/Makefile +# + +include ../../../../Makefile.master + +HTMLENTS = \ + AuditConfig.html \ + AuditHeader.html \ + AuditRead.html \ + DevAllocHeader.html \ + DevAllocate.html \ + DevConfig.html \ + DevCDRW.html \ + DevGrant.html \ + DevRevoke.html \ + JobHeader.html \ + AuthJobsAdmin.html \ + JobsGrant.html \ + AuthJobsUser.html \ + LoginEnable.html \ + LoginHeader.html \ + LoginRemote.html \ + MailHeader.html \ + MailQueue.html \ + PriAdmin.html \ + AuthProfmgrAssign.html \ + AuthProfmgrDelegate.html \ + AuthProfmgrExecattrWrite.html \ + AuthProfmgrRead.html \ + ProfmgrHeader.html \ + AuthProfmgrWrite.html \ + AuthRoleAssign.html \ + AuthRoleDelegate.html \ + RoleHeader.html \ + AuthRoleWrite.html \ + SysDate.html \ + SysHeader.html \ + SysShutdown.html \ + AllSolAuthsHeader.html \ + DhcpmgrHeader.html \ + DhcpmgrWrite.html \ + BindStates.html \ + SmfAutofsStates.html \ + SmfCronStates.html \ + SmfHeader.html \ + SmfManageHeader.html \ + SmfModifyAppl.html \ + SmfModifyDepend.html \ + SmfModifyFramework.html \ + SmfModifyHeader.html \ + SmfModifyMethod.html \ + SmfNscdStates.html \ + SmfPowerStates.html \ + SmfSendmailStates.html \ + SmfSshStates.html \ + SmfSyslogStates.html + +HELPDIR=$(ROOT)/usr/lib/help +AUTHDIR=$(HELPDIR)/auths +LOCALEDIR=$(AUTHDIR)/locale +CDIR=$(LOCALEDIR)/C +DIRS=$(HELPDIR) $(AUTHDIR) $(LOCALEDIR) $(CDIR) +HELPFILES=$(HTMLENTS:%=$(CDIR)/%) + +MSGDIR= $(LOCALEDIR) +MSGDIRS = $(HELPDIR) $(AUTHDIR) $(LOCALEDIR) + +MSGFILES= $(HTMLENTS) +MSGS= $(MSGFILES:%=$(MSGDIR)/%) + +FILEMODE= 0444 +$(HELPFILES) := OWNER = root +$(HELPFILES) := GROUP = bin + +.KEEP_STATE: + +all: $(HTMLENTS) + +install: all $(DIRS) $(HELPFILES) + +_msg: $(MSGDIRS) $(MSGS) + +$(CDIR)/%: % + $(INS.file) + +$(DIRS): + $(INS.dir) + +$(MSGDIR)/%: % + $(INS.file) + +clean clobber lint: diff --git a/usr/src/lib/libsecdb/help/auths/PriAdmin.html b/usr/src/lib/libsecdb/help/auths/PriAdmin.html new file mode 100644 index 0000000000..7b50cda36f --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/PriAdmin.html @@ -0,0 +1,37 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> + <META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]"> +--> +<BODY> +This authorization grants every authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/ProfmgrHeader.html b/usr/src/lib/libsecdb/help/auths/ProfmgrHeader.html new file mode 100644 index 0000000000..f07137fcc1 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/ProfmgrHeader.html @@ -0,0 +1,38 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> + <META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]"> +--> +<BODY> +The authorizations allow users to maintain and assign execution +profiles. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/RoleHeader.html b/usr/src/lib/libsecdb/help/auths/RoleHeader.html new file mode 100644 index 0000000000..c01f9b0b24 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/RoleHeader.html @@ -0,0 +1,38 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> + <META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]"> +--> +<BODY> +The authorization allow users to manage the set of roles +within a system. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SmfAutofsStates.html b/usr/src/lib/libsecdb/help/auths/SmfAutofsStates.html new file mode 100644 index 0000000000..7cb0a6fbb5 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SmfAutofsStates.html @@ -0,0 +1,41 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +Copyright 2004 Sun Microsystems, Inc. All rights reserved. +Use is subject to license terms. +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> +--> +<BODY> +When Manage Automount Service States is in the Authorizations Include +column, it grants the authorization to enable, disable or restart +the automount daemon. +<p> +If Manage Automount Service States is grayed, then you are not entitled +to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SmfCronStates.html b/usr/src/lib/libsecdb/help/auths/SmfCronStates.html new file mode 100644 index 0000000000..365a658821 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SmfCronStates.html @@ -0,0 +1,41 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +Copyright 2004 Sun Microsystems, Inc. All rights reserved. +Use is subject to license terms. +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> +--> +<BODY> +When Manage Cron Service States is in the Authorizations Include +column, it grants the authorization to enable, disable, or restart the +cron daemon. +<p> +If Manage Cron Service States is grayed, then you are not entitled to +Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SmfHeader.html b/usr/src/lib/libsecdb/help/auths/SmfHeader.html new file mode 100644 index 0000000000..cf6ccce5bd --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SmfHeader.html @@ -0,0 +1,36 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +Copyright 2004 Sun Microsystems, Inc. All rights reserved. +Use is subject to license terms. +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> +--> +<BODY> +SMF Management. This authorization controls access to SMF functions. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SmfManageHeader.html b/usr/src/lib/libsecdb/help/auths/SmfManageHeader.html new file mode 100644 index 0000000000..19e16e24fd --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SmfManageHeader.html @@ -0,0 +1,37 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +Copyright 2004 Sun Microsystems, Inc. All rights reserved. +Use is subject to license terms. +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> +--> +<BODY> +This authorization controls access to management of services controlled +by SMF. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SmfModifyAppl.html b/usr/src/lib/libsecdb/help/auths/SmfModifyAppl.html new file mode 100644 index 0000000000..407f775538 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SmfModifyAppl.html @@ -0,0 +1,41 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +Copyright 2004 Sun Microsystems, Inc. All rights reserved. +Use is subject to license terms. +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> +--> +<BODY> +When Modify Application Type Properties is in the Authorizations +Include column, it grants the the authorization to change values +or create, delete, or modify a property group of type application. +<P> +If Modify Application Type Properties is grayed, then you are not +entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SmfModifyDepend.html b/usr/src/lib/libsecdb/help/auths/SmfModifyDepend.html new file mode 100644 index 0000000000..7ea03f0873 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SmfModifyDepend.html @@ -0,0 +1,41 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +Copyright 2004 Sun Microsystems, Inc. All rights reserved. +Use is subject to license terms. +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> +--> +<BODY> +When Modify Service Dependencies is in the Authorizations Include +column, it grants the the authorization to change values or create, +delete, or modify a property group of type dependency. +<P> +If Modify Service Dependencies is grayed, then you are not entitled to +Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SmfModifyFramework.html b/usr/src/lib/libsecdb/help/auths/SmfModifyFramework.html new file mode 100644 index 0000000000..f20499270e --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SmfModifyFramework.html @@ -0,0 +1,41 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +Copyright 2004 Sun Microsystems, Inc. All rights reserved. +Use is subject to license terms. +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> +--> +<BODY> +When Modify Framework Type Properties is in the Authorizations +Include column, it grants the the authorization to change values +or create, delete, or modify a property group of type framework. +<P> +If Modify Framework Type Properties is grayed, then you are not +entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SmfModifyHeader.html b/usr/src/lib/libsecdb/help/auths/SmfModifyHeader.html new file mode 100644 index 0000000000..2c2405bff4 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SmfModifyHeader.html @@ -0,0 +1,37 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +Copyright 2004 Sun Microsystems, Inc. All rights reserved. +Use is subject to license terms. +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> +--> +<BODY> +Authorized to add, delete, or modify services, service instances, +or their properties. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SmfModifyMethod.html b/usr/src/lib/libsecdb/help/auths/SmfModifyMethod.html new file mode 100644 index 0000000000..b088ff3672 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SmfModifyMethod.html @@ -0,0 +1,41 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +Copyright 2004 Sun Microsystems, Inc. All rights reserved. +Use is subject to license terms. +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> +--> +<BODY> +When Modify Service Methods is in the Authorizations Include column, it +grants the the authorization to change values or create, delete, or +modify a property group of type method. +<P> +If Modify Service Methods is grayed, then you are not entitled to Add +or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SmfNscdStates.html b/usr/src/lib/libsecdb/help/auths/SmfNscdStates.html new file mode 100644 index 0000000000..12f4ed6a14 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SmfNscdStates.html @@ -0,0 +1,41 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +Copyright 2004 Sun Microsystems, Inc. All rights reserved. +Use is subject to license terms. +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> +--> +<BODY> +When Manage Name Service Cache Daemon Service States is in the +Authorizations Include column, it grants the authorization to +enable, disable, or restart the Name Service Cache Daemon. +<p> +If Manage Name Service Cache Daemon Service States is grayed, then you +are not entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SmfPowerStates.html b/usr/src/lib/libsecdb/help/auths/SmfPowerStates.html new file mode 100644 index 0000000000..821c1ab8fc --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SmfPowerStates.html @@ -0,0 +1,41 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +Copyright 2004 Sun Microsystems, Inc. All rights reserved. +Use is subject to license terms. +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> +--> +<BODY> +When Manage Power Management Service States is in the Authorizations +Include column, it grants the authorization to enable or disable the +Power Management Daemon. +<p> +If Manage Power Management Service States is grayed, then you are not +entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SmfSendmailStates.html b/usr/src/lib/libsecdb/help/auths/SmfSendmailStates.html new file mode 100644 index 0000000000..427357b942 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SmfSendmailStates.html @@ -0,0 +1,41 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +Copyright 2004 Sun Microsystems, Inc. All rights reserved. +Use is subject to license terms. +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> +--> +<BODY> +When Manage Sendmail Service States is in the Authorizations Include +column, it grants the authorization to enable, disable, or restart the +sendmail daemon. +<p> +If Manage Sendmail Service States is grayed, then you are not entitled +to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SmfSshStates.html b/usr/src/lib/libsecdb/help/auths/SmfSshStates.html new file mode 100644 index 0000000000..91aefe1c4c --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SmfSshStates.html @@ -0,0 +1,41 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +Copyright 2004 Sun Microsystems, Inc. All rights reserved. +Use is subject to license terms. +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> +--> +<BODY> +When Manage Secure Shell Service States is in the Authorizations +Include column, it grants the authorization to enable, disable or +refresh the secure shell daemon. +<p> +If Manage Secure Shell Service States is grayed, then you are not +entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SmfSyslogStates.html b/usr/src/lib/libsecdb/help/auths/SmfSyslogStates.html new file mode 100644 index 0000000000..1e761a7d6d --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SmfSyslogStates.html @@ -0,0 +1,41 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +Copyright 2004 Sun Microsystems, Inc. All rights reserved. +Use is subject to license terms. +--> +<!-- SCCS keyword +#ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> +--> +<BODY> +When Manage Syslog Service States is in the Authorizations Include +column, it grants the authorization to enable, disable, or +restart the syslog daemon. +<p> +If Manage Syslog Service States is grayed, then you are not entitled to +Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SysDate.html b/usr/src/lib/libsecdb/help/auths/SysDate.html new file mode 100644 index 0000000000..01b69961bd --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SysDate.html @@ -0,0 +1,43 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<HEAD> +<!-- +META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1" +--> +<!-- +META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]" +--> +</HEAD> +<BODY> +When Set Date & Time is in the Authorizations Included column, it grants the authorization to modify the system date and time. +<p> +If Set Date & Time is grayed, then you are not entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SysHeader.html b/usr/src/lib/libsecdb/help/auths/SysHeader.html new file mode 100644 index 0000000000..3eaede7eb8 --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SysHeader.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<!-- + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> + <META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]"> +--> +<BODY> +These authorizations allow users to manage attributes of +the processor modules of the machine. These include setting +the clock, taking processors offline, or running diagnostics. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/auths/SysShutdown.html b/usr/src/lib/libsecdb/help/auths/SysShutdown.html new file mode 100644 index 0000000000..f1442837ca --- /dev/null +++ b/usr/src/lib/libsecdb/help/auths/SysShutdown.html @@ -0,0 +1,43 @@ +<HTML> +<!-- + Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Use is subject to license terms. + + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END +--> +<!-- SCCS keyword +#pragma ident "%Z%%M% %I% %E% SMI" +--> +<HEAD> +<!-- +META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1" +--> +<!-- +META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]" +--> +</HEAD> +<BODY> +When Shutdown the System is in the Authorizations Included column, it grants the authorization to shutdown, suspend, or reboot the operating system. +<p> +If Shutdown the System is grayed, then you are not entitled to Add or Remove this authorization. +<BR> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/Makefile b/usr/src/lib/libsecdb/help/profiles/Makefile new file mode 100644 index 0000000000..c6891cf9c4 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/Makefile @@ -0,0 +1,104 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +#ident "%Z%%M% %I% %E% SMI" +# +# lib/libsecdb/help/profiles/Makefile +# + +include ../../../../Makefile.master + +HTMLENTS = \ + RtAll.html \ + RtAuditCtrl.html \ + RtAuditReview.html \ + RtContractObserver.html \ + RtCronMngmnt.html \ + RtCryptoMngmnt.html \ + RtLogMngmnt.html \ + RtDeviceMngmnt.html \ + RtDeviceSecurity.html \ + RtDHCPMngmnt.html \ + RtFileSysMngmnt.html \ + RtFileSysSecurity.html \ + RtFTPMngmnt.html \ + RtIPFilterMngmnt.html \ + RtKerberosClntMngmnt.html \ + RtKerberosSrvrMngmnt.html \ + RtMailMngmnt.html \ + RtMaintAndRepair.html \ + RtMediaBkup.html \ + RtMediaRestore.html \ + RtNameServiceAdmin.html \ + RtNameServiceSecure.html \ + RtNetMngmnt.html \ + RtNetSecure.html \ + RtObAccessMngmnt.html \ + RtPrntAdmin.html \ + RtProcManagement.html \ + RtRightsDelegate.html \ + RtSoftwareInstall.html \ + RtSysEvMngmnt.html \ + RtUserMngmnt.html \ + RtUserSecurity.html \ + RtDatAdmin.html \ + RtZoneMngmnt.html \ + RtDefault.html + + +HELPDIR = $(ROOT)/usr/lib/help +PROFDIR = $(HELPDIR)/profiles +LOCALEDIR = $(PROFDIR)/locale +CDIR = $(LOCALEDIR)/C +DIRS = $(HELPDIR) $(PROFDIR) $(LOCALEDIR) $(CDIR) +HELPFILES=$(HTMLENTS:%=$(CDIR)/%) + +MSGDIR= $(LOCALEDIR) +MSGDIRS = $(HELPDIR) $(PROFDIR) $(LOCALEDIR) + +MSGFILES= $(HTMLENTS) +MSGS= $(MSGFILES:%=$(MSGDIR)/%) + +FILEMODE = 0444 +$(HELPFILES) := OWNER = root +$(HELPFILES) := GROUP = bin + +.KEEP_STATE: + +all: $(HTMLENTS) + +install: all $(DIRS) $(HELPFILES) + +_msg: $(MSGDIRS) $(MSGS) + +$(CDIR)/%: % + $(INS.file) + +$(DIRS): + $(INS.dir) + +$(MSGDIR)/%: % + $(INS.file) + +clean clobber lint: diff --git a/usr/src/lib/libsecdb/help/profiles/RtAll.html b/usr/src/lib/libsecdb/help/profiles/RtAll.html new file mode 100644 index 0000000000..6d7c131ede --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtAll.html @@ -0,0 +1,45 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + + +When All is in the Rights Included column, it grants the right for a user or role to use any command when working in an administrator's shell, such as the Administrator's Korn or Administrator's C shells. +<p> +The normal policy for these shells is that they can only execute commands that have been explicitly assigned to a user (or role) through granted rights. Because using only the granted rights can be very limiting, it is common to give users the All right, which has a wild card entry matching every command. +<p> +However, no special process attributes are associated with the wild card, so the effect is that all commands matching the wild card run with the uid and gid of the current user (or role). +<p> +If you assign this right, it should always be last in the list of rights. If it is first, no other rights are consulted when looking up command attributes. +<p> +If All is grayed, then you are not entitled to Add or Remove this right. +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtAuditCtrl.html b/usr/src/lib/libsecdb/help/profiles/RtAuditCtrl.html new file mode 100644 index 0000000000..6380a9c9b4 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtAuditCtrl.html @@ -0,0 +1,40 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Audit Control is in the Rights Included column, it grants the right to manage the audit subsystem (which keeps track of event information), but not the right to read the audit files (see Audit Review). +<p> +If Audit Control is grayed, then you are not entitled to Add or Remove this right. +<p> +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtAuditReview.html b/usr/src/lib/libsecdb/help/profiles/RtAuditReview.html new file mode 100644 index 0000000000..e5a85e29ac --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtAuditReview.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Audit Review is in the Rights Included column, it grants the right to read the audit trail, but not the right to manage the audit subsystem (see Audit Control). +<p> +If Audit Review is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtContractObserver.html b/usr/src/lib/libsecdb/help/profiles/RtContractObserver.html new file mode 100644 index 0000000000..e62a88e82f --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtContractObserver.html @@ -0,0 +1,41 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2004 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Contract Observer is in the Rights Included column, it grants the +right to reliably observe contract events from all contracts. +<p> +If Contract Observer is grayed, then you are not entitled to Add or +Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtCronMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtCronMngmnt.html new file mode 100644 index 0000000000..6e13f2abd6 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtCronMngmnt.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Cron Management is in the Rights Included column, it grants the right to manage the cron table and daemon. The cron daemon schedules repetitive system events based on commands found in crontab files. +<p> +If Cron Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtCryptoMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtCryptoMngmnt.html new file mode 100644 index 0000000000..d27b1a8315 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtCryptoMngmnt.html @@ -0,0 +1,40 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2003 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Crypto Management is in the Rights Included column, it grants the right to use the cryptoadm command +to administer the cryptographic framework. +<p> +If Crypto Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtDHCPMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtDHCPMngmnt.html new file mode 100644 index 0000000000..7cb67a28b3 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtDHCPMngmnt.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2001 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When DHCP Management is in the Rights Included column, it grants the right to manage the DHCP service. +<p> +If DHCP Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtDatAdmin.html b/usr/src/lib/libsecdb/help/profiles/RtDatAdmin.html new file mode 100644 index 0000000000..2a61188bd5 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtDatAdmin.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2003 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When DAT Administration is in the Rights Included column, it grants the right to modify the DAT configuration. +<p> +If DAT Administration is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtDefault.html b/usr/src/lib/libsecdb/help/profiles/RtDefault.html new file mode 100644 index 0000000000..924b611822 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtDefault.html @@ -0,0 +1,42 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +Basic Solaris User is assigned to every user who logs into the Solaris +Management Console. It provides Read permissions to the users of applications +and allows users to add cron jobs to their own crontab file. It is defined +in the <code>/etc/security/policy.conf</code> file by default. +<p> +If Basic Solaris User is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtDeviceMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtDeviceMngmnt.html new file mode 100644 index 0000000000..bba5fa490f --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtDeviceMngmnt.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Device Management is in the Rights Included column, it grants the right to allocate and deallocate devices (assign to one user at a time such devices as tape drives, disk drives, printers and other peripherals), and to correct error conditions related to those devices. +<p> +If Device Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtDeviceSecurity.html b/usr/src/lib/libsecdb/help/profiles/RtDeviceSecurity.html new file mode 100644 index 0000000000..9d86272de2 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtDeviceSecurity.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Device Security is in the Rights Included column, it grants the right to manage and configure devices and volume manager (which manages virtual disk devices).<p> +<p> +If Device Security is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtFTPMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtFTPMngmnt.html new file mode 100644 index 0000000000..131401e458 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtFTPMngmnt.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2001 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When FTP Management is in the Rights Included column, it grants the right to configure the FTP server. +<p> +If FTP Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtFileSysMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtFileSysMngmnt.html new file mode 100644 index 0000000000..ca8d15f904 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtFileSysMngmnt.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When File System Management is in the Rights Included column, it grants the right to manage file system mounts and shares. +<p> +If File System Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtFileSysSecurity.html b/usr/src/lib/libsecdb/help/profiles/RtFileSysSecurity.html new file mode 100644 index 0000000000..26b5a64b03 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtFileSysSecurity.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When File System Security is in the Rights Included column, it grants the right to manage file system security attributes.<p> +<p> +If File System Security is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtIPFilterMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtIPFilterMngmnt.html new file mode 100644 index 0000000000..f8e18088fb --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtIPFilterMngmnt.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2003 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When IP Filter Management is in the Rights Included column, it grants the right to administer IP Filter . +<p> +If IP Filter Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtKerberosClntMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtKerberosClntMngmnt.html new file mode 100644 index 0000000000..4c35652eba --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtKerberosClntMngmnt.html @@ -0,0 +1,40 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2003 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Kerberos Client Management is in the Rights Included column, it grants the +right to perform Kerberos client administrative tasks such as creating/modifying +the principal database, and reading/writing keytab files. + +<p> +If Kerberos Cilent Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtKerberosSrvrMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtKerberosSrvrMngmnt.html new file mode 100644 index 0000000000..cae124d420 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtKerberosSrvrMngmnt.html @@ -0,0 +1,42 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2003 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Kerberos Server Management is in the Rights Included column, it grants +the right to perform Kerberos administrative tasks such as creating/destroying +the initial database and starting/stopping the administrative daemon processes. + +The Kerberos Server Management profile also includes the rights granted by +the Kerberos Client Management profile. +<p> +If Kerberos Server Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtLogMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtLogMngmnt.html new file mode 100644 index 0000000000..bdae0884ea --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtLogMngmnt.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2001 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Log Management is in the Rights Included column, it grants the right to manage log files. +<p> +If Log Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtMailMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtMailMngmnt.html new file mode 100644 index 0000000000..7a802cb129 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtMailMngmnt.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Mail Management is in the Rights Included column, it grants the right to configure sendmail, modify mailing lists, and check mail queues. +<p> +If Mail Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtMaintAndRepair.html b/usr/src/lib/libsecdb/help/profiles/RtMaintAndRepair.html new file mode 100644 index 0000000000..cd62930e6d --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtMaintAndRepair.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Maintenance and Repair is in the Rights Included column, it grants the right to use commands needed to maintain or repair a system. +<p> +If Maintenance and Repair is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtMediaBkup.html b/usr/src/lib/libsecdb/help/profiles/RtMediaBkup.html new file mode 100644 index 0000000000..30924ffac4 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtMediaBkup.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Media Backup is in the Rights Included column, it grants the right to backup files, but not the right to restore them (see Media Restore). +<p> +If Media Backup is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtMediaRestore.html b/usr/src/lib/libsecdb/help/profiles/RtMediaRestore.html new file mode 100644 index 0000000000..2c81cd2a14 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtMediaRestore.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Media Restore is in the Rights Included column, it grants the right to restore backed-up files, but not the right to back them up in the first place (see Media Backup). +<p> +If Media Restore is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtNameServiceAdmin.html b/usr/src/lib/libsecdb/help/profiles/RtNameServiceAdmin.html new file mode 100644 index 0000000000..712bfea41b --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtNameServiceAdmin.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Name Service Management is in the Rights Included column, it grants the right to control the name service daemon. +<p> +If Name Service Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtNameServiceSecure.html b/usr/src/lib/libsecdb/help/profiles/RtNameServiceSecure.html new file mode 100644 index 0000000000..87650a1fe2 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtNameServiceSecure.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Name Service Security is in the Rights Included column, it grants the right to manage name service properties and table data. +<p> +If Name Service Security is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtNetMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtNetMngmnt.html new file mode 100644 index 0000000000..c25640c0c9 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtNetMngmnt.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Network Management is in the Rights Included column, it grants the right to manage the host (computer) and network configuration. (For network and host security, see Network Security.) +<p> +If Network Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtNetSecure.html b/usr/src/lib/libsecdb/help/profiles/RtNetSecure.html new file mode 100644 index 0000000000..7949437373 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtNetSecure.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Network Security is in the Rights Included column, it grants the right to manage network and host security, with authorizations for modifying trusted network databases. +<p> +If Network Security is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtObAccessMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtObAccessMngmnt.html new file mode 100644 index 0000000000..dc837e8083 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtObAccessMngmnt.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Object Access Management is in the Rights Included column, it grants the right to change file ownership and permissions. +<p> +If Object Access Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtPrntAdmin.html b/usr/src/lib/libsecdb/help/profiles/RtPrntAdmin.html new file mode 100644 index 0000000000..8e5164bcb0 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtPrntAdmin.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Printer Management is in the Rights Included column, it grants the right to manage printer devices, daemons, and spooling. +<p> +If Printer Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtProcManagement.html b/usr/src/lib/libsecdb/help/profiles/RtProcManagement.html new file mode 100644 index 0000000000..90e51ca795 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtProcManagement.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Process Management is in the Rights Included column, it grants the right to manage current processes and daemons. +<p> +If Process Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtRightsDelegate.html b/usr/src/lib/libsecdb/help/profiles/RtRightsDelegate.html new file mode 100644 index 0000000000..dcf7cce3a1 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtRightsDelegate.html @@ -0,0 +1,44 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Rights Delegation is in the Rights Included column, it grants a user or role limited ability to assign users to roles, and to assign rights to roles, users, and other rights. +<p> +This is limited in that a user or role granted Rights Delegation can only: +<ul> +<li>assign other users to those roles already assigned to the user itself +<li>assign to users, roles, and other rights only those rights that the user or role itself has been assigned</ul> +<p> +If Rights Delegation is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtSoftwareInstall.html b/usr/src/lib/libsecdb/help/profiles/RtSoftwareInstall.html new file mode 100644 index 0000000000..476823f013 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtSoftwareInstall.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Software Installation is in the Rights Included column, it grants the right to add and remove application software. +<p> +If Software Installation is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtSysEvMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtSysEvMngmnt.html new file mode 100644 index 0000000000..09ea2272e2 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtSysEvMngmnt.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2003 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When System Event Management is in the Rights Included column, it grants the right to configure system events actions and to manage system event channels. +<p> +If System Event Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtUserMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtUserMngmnt.html new file mode 100644 index 0000000000..c8d12ebbdf --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtUserMngmnt.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When User Management is in the Rights Included column, it grants the right to create and modify users. However it does not grant the ability to modify itself (as a security measure). Nor does it grant the right to modify users' passwords (see User Security). +<p> +If User Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtUserSecurity.html b/usr/src/lib/libsecdb/help/profiles/RtUserSecurity.html new file mode 100644 index 0000000000..f23f7f2bcf --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtUserSecurity.html @@ -0,0 +1,39 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2000 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When User Security is in the Rights Included column, it grants the right to create and modify users' passwords. It does not grant the right to create and modify users (see User Management). +<p> +If User Security is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/help/profiles/RtZoneMngmnt.html b/usr/src/lib/libsecdb/help/profiles/RtZoneMngmnt.html new file mode 100644 index 0000000000..b80297e9a7 --- /dev/null +++ b/usr/src/lib/libsecdb/help/profiles/RtZoneMngmnt.html @@ -0,0 +1,40 @@ +<HTML> +<!-- + CDDL HEADER START + + The contents of this file are subject to the terms of the + Common Development and Distribution License, Version 1.0 only + (the "License"). You may not use this file except in compliance + with the License. + + You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + or http://www.opensolaris.org/os/licensing. + See the License for the specific language governing permissions + and limitations under the License. + + When distributing Covered Code, include this CDDL HEADER in each + file and include the License file at usr/src/OPENSOLARIS.LICENSE. + If applicable, add the following below this CDDL HEADER, with the + fields enclosed by brackets "[]" replaced with your own identifying + information: Portions Copyright [yyyy] [name of copyright owner] + + CDDL HEADER END + +-- Copyright 2003 Sun Microsystems, Inc. All rights reserved. +-- Use is subject to license terms. +--> +<HEAD> + <TITLE> </TITLE> + + +</HEAD> +<BODY> +<!-- ident "%Z%%M% %I% %E% SMI" --> + +When Zones Management is in the Rights Included column, it grants the right to +use commands needed to administer Solaris Zones. +<p> +If Zones Management is grayed, then you are not entitled to Add or Remove this right. +<p> +</BODY> +</HTML> diff --git a/usr/src/lib/libsecdb/i386/Makefile b/usr/src/lib/libsecdb/i386/Makefile new file mode 100644 index 0000000000..1e59e5b6e6 --- /dev/null +++ b/usr/src/lib/libsecdb/i386/Makefile @@ -0,0 +1,36 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright (c) 1999, 2001 by Sun Microsystems, Inc. +# All rights reserved. +# +#ident "%Z%%M% %I% %E% SMI" +# +# libsecdb/i386/Makefile + + +include ../Makefile.com + +.KEEP_STATE: + + +install: all $(ROOTLIBS) $(ROOTLINKS) $(ROOTLINT) diff --git a/usr/src/lib/libsecdb/inc.flg b/usr/src/lib/libsecdb/inc.flg new file mode 100644 index 0000000000..c9ccafa67f --- /dev/null +++ b/usr/src/lib/libsecdb/inc.flg @@ -0,0 +1,29 @@ +#!/bin/sh +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright (c) 2000 by Sun Microsystems, Inc. +# All rights reserved. +# +#ident "%Z%%M% %I% %E% SMI" + +find_files "s.*" usr/src/pkgdefs/common_files diff --git a/usr/src/lib/libsecdb/policy.conf b/usr/src/lib/libsecdb/policy.conf new file mode 100644 index 0000000000..e148f4d2b0 --- /dev/null +++ b/usr/src/lib/libsecdb/policy.conf @@ -0,0 +1,82 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# /etc/security/policy.conf +# +# security policy configuration for user attributes. see policy.conf(4) +# +#ident "%Z%%M% %I% %E% SMI" +# +AUTHS_GRANTED=solaris.device.cdrw +PROFS_GRANTED=Basic Solaris User + +# crypt(3c) Algorithms Configuration +# +# CRYPT_ALGORITHMS_ALLOW specifies the algorithms that are allowed to +# be used for new passwords. This is enforced only in crypt_gensalt(3c). +# +CRYPT_ALGORITHMS_ALLOW=1,2a,md5 + +# To deprecate use of the traditional unix algorithm, uncomment below +# and change CRYPT_DEFAULT= to another algorithm. For example, +# CRYPT_DEFAULT=1 for BSD/Linux MD5. +# +#CRYPT_ALGORITHMS_DEPRECATE=__unix__ + +# The Solaris default is the traditional UNIX algorithm. This is not +# listed in crypt.conf(4) since it is internal to libc. The reserved +# name __unix__ is used to refer to it. +# +CRYPT_DEFAULT=__unix__ +# +# These settings determine the default privileges users have. If not set, +# the default privileges are taken from the inherited set. +# There are two different settings; PRIV_DEFAULT determines the default +# set on login; PRIV_LIMIT defines the Limit set on login. +# Individual users can have privileges assigned or taken away through +# user_attr. Privileges can also be assigned to profiles in which case +# the users with those profiles can use those privileges through pfexec(1m). +# For maximum future compatibility, the specifications should +# always include "basic" or "all"; privileges should then be removed using +# the negation. E.g., PRIV_LIMIT=all,!sys_linkdir takes away only the +# sys_linkdir privilege, regardless of future additional privileges. +# Similarly, PRIV_DEFAULT=basic,!file_link_any takes away only the +# file_link_any privilege from the basic privilege set; only that notation +# is immune from a future addition of currently unprivileged operations to +# the basic privilege set. +# NOTE: removing privileges from the the Limit set requires EXTREME care +# as any set-uid root program may suddenly fail because it lacks certain +# privilege(s). +# +#PRIV_DEFAULT=basic +#PRIV_LIMIT=all +# +# LOCK_AFTER_RETRIES specifies the default account locking policy for local +# user accounts (passwd(4)/shadow(4)). The default may be overridden by +# a user's user_attr(4) "lock_after_retries" value. +# YES enables local account locking, NO disables local account locking. +# The default value is NO. +# +#LOCK_AFTER_RETRIES=NO diff --git a/usr/src/lib/libsecdb/prof_attr.txt b/usr/src/lib/libsecdb/prof_attr.txt new file mode 100644 index 0000000000..77e77fecb7 --- /dev/null +++ b/usr/src/lib/libsecdb/prof_attr.txt @@ -0,0 +1,68 @@ +# +# Copyright 2005 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# /etc/security/prof_attr +# +# profiles attributes. see prof_attr(4) +# +#ident "%Z%%M% %I% %E% SMI" +# +All:::Execute any command as the user or role:help=RtAll.html +Audit Control:::Configure BSM auditing:auths=solaris.audit.config,solaris.jobs.admin;help=RtAuditCtrl.html +Audit Review:::Review BSM auditing logs:auths=solaris.audit.read;help=RtAuditReview.html +Contract Observer:::Reliably observe any/all contract events:help=RtContractObserver.html +Device Management:::Control Access to Removable Media:auths=solaris.device.*;help=RtDeviceMngmnt.html +Printer Management:::Manage printers, daemons, spooling:help=RtPrntAdmin.html +Cron Management:::Manage at and cron jobs:auths=solaris.jobs.*,solaris.smf.manage.cron;help=RtCronMngmnt.html +Log Management:::Manage log files:help=RtLogMngmnt.html +Basic Solaris User:::Automatically assigned rights:auths=solaris.profmgr.read,solaris.jobs.users,solaris.mail.mailq;profiles=All;help=RtDefault.html +Device Security:::Manage devices and Volume Manager:auths=solaris.device.*;help=RtDeviceSecurity.html +DHCP Management:::Manage the DHCP service:auths=solaris.dhcpmgr.*;help=RtDHCPMngmnt.html +File System Management:::Manage, mount, share file systems:auths=solaris.smf.manage.autofs;help=RtFileSysMngmnt.html +File System Security:::Manage file system security attributes:help=RtFileSysSecurity.html +Mail Management:::Manage sendmail & queues:auths=solaris.smf.manage.sendmail;help=RtMailMngmnt.html +Maintenance and Repair:::Maintain and repair a system:auths=solaris.smf.manage.system-log;help=RtMaintAndRepair.html +Media Backup:::Backup files and file systems:help=RtMediaBkup.html +Media Restore:::Restore files and file systems from backups:help=RtMediaRestore.html +Network Management:::Manage the host and network configuration:auths=solaris.smf.manage.name-service-cache,solaris.smf.manage.bind;help=RtNetMngmnt.html +Network Security:::Manage network and host security:auths=solaris.smf.manage.ssh;help=RtNetSecure.html +Name Service Management:::Non-security name service scripts/commands:help=RtNameServiceAdmin.html +Name Service Security:::Security related name service scripts/commands:help=RtNameServiceSecure.html +Object Access Management:::Change ownership and permission on files:help=RtObAccessMngmnt.html +Process Management:::Manage current processes and processors:auths=solaris.smf.manage.cron,solaris.smf.manage.power;help=RtProcManagement.html +Rights Delegation:::Delegate ability to assign rights to users and roles:auths=solaris.role.delegate,solaris.profmgr.delegate,solaris.grant;help=RtRightsDelegate.html +Service Management:::Manage services:auths=solaris.smf.manage,solaris.smf.modify +Service Operator:::Administer services:auths=solaris.smf.manage,solaris.smf.modify.framework +Software Installation:::Add application software to the system:help=RtSoftwareInstall.html +System Event Management:::Manage system events and system event channels:help=RtSysEvMngmnt.html +User Management:::Manage users, groups, home directory:auths=solaris.profmgr.read;help=RtUserMngmnt.html +User Security:::Manage passwords, clearances:auths=solaris.role.*,solaris.profmgr.*;help=RtUserSecurity.html +FTP Management:::Manage the FTP server:help=RtFTPMngmnt.html +Crypto Management:::Cryptographic Framework Administration:help=RtCryptoMngmnt.html +Kerberos Client Management:::Maintain and Administer Kerberos excluding the servers:help=RtKerberosClntMngmnt.html +Kerberos Server Management:::Maintain and Administer Kerberos Servers:profiles=Kerberos Client Management;help=RtKerberosSrvrMngmnt.html +DAT Administration:::Manage the DAT configuration:help=RtDatAdmin.html +Zone Management:::Zones Virtual Application Environment Administration:help=RtZoneMngmnt.html +IP Filter Management:::IP Filter Administration:help=RtIPFilterMngmnt.html +Project Management:::Add/Modify/Remove projects:help=RtProjManagement.html diff --git a/usr/src/lib/libsecdb/sparc/Makefile b/usr/src/lib/libsecdb/sparc/Makefile new file mode 100644 index 0000000000..f24eef589c --- /dev/null +++ b/usr/src/lib/libsecdb/sparc/Makefile @@ -0,0 +1,35 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright (c) 1999, 2001 by Sun Microsystems, Inc. +# All rights reserved. +# +# lib/libsecdb/sparc/Makefile +# +#ident "%Z%%M% %I% %E% SMI" +# + +include ../Makefile.com + +.KEEP_STATE: + +install: all $(ROOTLIBS) $(ROOTLINKS) $(ROOTLINT) diff --git a/usr/src/lib/libsecdb/sparcv9/Makefile b/usr/src/lib/libsecdb/sparcv9/Makefile new file mode 100644 index 0000000000..7821a207c0 --- /dev/null +++ b/usr/src/lib/libsecdb/sparcv9/Makefile @@ -0,0 +1,37 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright (c) 1998, 2001 by Sun Microsystems, Inc. +# All rights reserved. +# +# lib/libsecdb/sparcv9/Makefile +# +#ident "%Z%%M% %I% %E% SMI" +# + + +include ../Makefile.com +include ../../Makefile.lib.64 + +.KEEP_STATE: + +install: all $(ROOTLIBS64) $(ROOTLINKS64) diff --git a/usr/src/lib/libsecdb/spec/Makefile b/usr/src/lib/libsecdb/spec/Makefile new file mode 100644 index 0000000000..1c8b206cb9 --- /dev/null +++ b/usr/src/lib/libsecdb/spec/Makefile @@ -0,0 +1,30 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright (c) 1999 by Sun Microsystems, Inc. +# All rights reserved. +# +#ident "%Z%%M% %I% %E% SMI" +# +# lib/libsecdb/spec/Makefile + +include $(SRC)/lib/Makefile.spec.arch diff --git a/usr/src/lib/libsecdb/spec/Makefile.targ b/usr/src/lib/libsecdb/spec/Makefile.targ new file mode 100644 index 0000000000..f8a9f5e88b --- /dev/null +++ b/usr/src/lib/libsecdb/spec/Makefile.targ @@ -0,0 +1,40 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright (c) 1999 by Sun Microsystems, Inc. +# All rights reserved. +# +#ident "%Z%%M% %I% %E% SMI" +# +# lib/libsecdb/spec/Makefile.targ +# + +LIBRARY = libsecdb.a +VERS = .1 + +OBJECTS = chkauthattr.o \ + getauthattr.o \ + getexecattr.o \ + getprofattr.o \ + getuserattr.o \ + secdb.o \ + private.o diff --git a/usr/src/lib/libsecdb/spec/amd64/Makefile b/usr/src/lib/libsecdb/spec/amd64/Makefile new file mode 100644 index 0000000000..d334868181 --- /dev/null +++ b/usr/src/lib/libsecdb/spec/amd64/Makefile @@ -0,0 +1,44 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright 2004 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# ident "%Z%%M% %I% %E% SMI" +# + +.KEEP_STATE: + +include ../Makefile.targ + +# Add arch specific objects here +OBJECTS += + +include $(SRC)/lib/Makefile.lib +include $(SRC)/lib/Makefile.lib.64 + +# Uncomment the following if the linker complains +#amd64_C_PICFLAGS = $(amd64_C_BIGPICFLAGS) + +include $(SRC)/lib/Makefile.spec + +install: $(ROOTABILIB64) diff --git a/usr/src/lib/libsecdb/spec/chkauthattr.spec b/usr/src/lib/libsecdb/spec/chkauthattr.spec new file mode 100644 index 0000000000..f0dbc24373 --- /dev/null +++ b/usr/src/lib/libsecdb/spec/chkauthattr.spec @@ -0,0 +1,34 @@ +# +# Copyright 2005 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +#pragma ident "%Z%%M% %I% %E% SMI" +# +# lib/libsecdb/spec/chkauthattr.spec + +function chkauthattr +include <auth_attr.h>, <prof_attr.h>, <user_attr.h> +declaration int chkauthattr(const char *authname, const char *username) +version SUNW_1.1 +exception $return == 0 +end diff --git a/usr/src/lib/libsecdb/spec/getauthattr.spec b/usr/src/lib/libsecdb/spec/getauthattr.spec new file mode 100644 index 0000000000..5d6b728a89 --- /dev/null +++ b/usr/src/lib/libsecdb/spec/getauthattr.spec @@ -0,0 +1,59 @@ +# +# Copyright 2005 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +#pragma ident "%Z%%M% %I% %E% SMI" +# +# lib/libsecdb/spec/getauthattr.spec + +function getauthattr +include <auth_attr.h> +declaration authattr_t *getauthattr() +version SUNW_1.1 +exception $return == NULL +end + +function getauthnam +include <auth_attr.h> +declaration authattr_t *getauthnam(const char *name) +version SUNW_1.1 +exception $return == NULL +end + +function setauthattr +include <auth_attr.h> +declaration void setauthattr() +version SUNW_1.1 +end + +function endauthattr +include <auth_attr.h> +declaration void endauthattr() +version SUNW_1.1 +end + +function free_authattr +include <auth_attr.h> +declaration void free_authattr(authattr_t *auth) +version SUNW_1.1 +end diff --git a/usr/src/lib/libsecdb/spec/getexecattr.spec b/usr/src/lib/libsecdb/spec/getexecattr.spec new file mode 100644 index 0000000000..6a7f82c042 --- /dev/null +++ b/usr/src/lib/libsecdb/spec/getexecattr.spec @@ -0,0 +1,76 @@ +# +# Copyright 2005 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +#pragma ident "%Z%%M% %I% %E% SMI" +# +# lib/libsecdb/spec/getexecattr.spec + +function getexecattr +include <exec_attr.h> +declaration execattr_t *getexecattr() +version SUNW_1.1 +exception $return == NULL +end + +function getexecprof +include <exec_attr.h> +declaration execattr_t *getexecprof(const char *name, const char *type, \ + const char *id, int search_flag) +version SUNW_1.1 +exception $return == NULL +end + +function getexecuser +include <exec_attr.h> +declaration execattr_t *getexecuser(const char *username, const char *type,\ + const char *id, int search_flag) +version SUNW_1.1 +exception $return == NULL +end + +function match_execattr +include <exec_attr.h> +declaration execattr_t *match_execattr(execattr_t *exec, \ + const char *profname, const char *type, const char *id) +version SUNW_1.1 +exception $return == NULL +end + +function setexecattr +include <exec_attr.h> +declaration void setexecattr() +version SUNW_1.1 +end + +function endexecattr +include <exec_attr.h> +declaration void endexecattr() +version SUNW_1.1 +end + +function free_execattr +include <exec_attr.h> +declaration void free_execattr(execattr_t *exec) +version SUNW_1.1 +end diff --git a/usr/src/lib/libsecdb/spec/getprofattr.spec b/usr/src/lib/libsecdb/spec/getprofattr.spec new file mode 100644 index 0000000000..83e5a62de4 --- /dev/null +++ b/usr/src/lib/libsecdb/spec/getprofattr.spec @@ -0,0 +1,71 @@ +# +# Copyright 2005 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +#pragma ident "%Z%%M% %I% %E% SMI" +# +# lib/libsecdb/spec/getprofattr.spec + +function getprofattr +include <prof_attr.h> +declaration profattr_t *getprofattr() +version SUNW_1.1 +exception $return == NULL +end + +function getprofnam +include <prof_attr.h> +declaration profattr_t *getprofnam(const char *name) +version SUNW_1.1 +exception $return == NULL +end + +function setprofattr +include <prof_attr.h> +declaration void setprofattr() +version SUNW_1.1 +end + +function endprofattr +include <prof_attr.h> +declaration void endprofattr() +version SUNW_1.1 +end + +function free_profattr +include <prof_attr.h> +declaration void free_profattr(profattr_t *prof) +version SUNW_1.1 +end + +function getproflist +include <auth_attr.h>, <exec_attr.h>, <prof_attr.h> +declaration void getproflist(const char *, char **, int *) +version SUNW_1.1 +end + +function free_proflist +include <auth_attr.h>, <exec_attr.h>, <prof_attr.h> +declaration void free_proflist(char **, int) +version SUNW_1.1 +end diff --git a/usr/src/lib/libsecdb/spec/getuserattr.spec b/usr/src/lib/libsecdb/spec/getuserattr.spec new file mode 100644 index 0000000000..4bd3d24afb --- /dev/null +++ b/usr/src/lib/libsecdb/spec/getuserattr.spec @@ -0,0 +1,73 @@ +# +# Copyright 2005 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +#pragma ident "%Z%%M% %I% %E% SMI" +# +# lib/libsecdb/spec/getuserattr.spec + +function getuserattr +include <user_attr.h> +declaration userattr_t *getuserattr() +version SUNW_1.1 +exception $return == NULL +end + +function fgetuserattr +include <user_attr.h> +declaration userattr_t *fgetuserattr(FILE *f) +version SUNW_1.1 +exception $return == NULL +end + +function getusernam +include <user_attr.h> +declaration userattr_t *getusernam(const char *name) +version SUNW_1.1 +exception $return == NULL +end + +function getuseruid +include <user_attr.h> +declaration userattr_t *getuseruid(uid_t u) +version SUNW_1.1 +exception $return == NULL +end + +function setuserattr +include <user_attr.h> +declaration void setuserattr() +version SUNW_1.1 +end + +function enduserattr +include <user_attr.h> +declaration void enduserattr() +version SUNW_1.1 +end + +function free_userattr +include <user_attr.h> +declaration void free_userattr(userattr_t *user) +version SUNW_1.1 +end diff --git a/usr/src/lib/libsecdb/spec/i386/Makefile b/usr/src/lib/libsecdb/spec/i386/Makefile new file mode 100644 index 0000000000..aa74795e4b --- /dev/null +++ b/usr/src/lib/libsecdb/spec/i386/Makefile @@ -0,0 +1,44 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright (c) 1999 by Sun Microsystems, Inc. +# All rights reserved. +# +#pragma ident "%Z%%M% %I% %E% SMI" +# +# lib/libsecdb/spec/i386/Makefile + +.KEEP_STATE: + +include ../Makefile.targ + +# Add arch specific objects here +OBJECTS += + +include $(SRC)/lib/Makefile.lib + +# Uncomment the following if the linker complains +#i386_C_PICFLAGS = -K PIC + +include $(SRC)/lib/Makefile.spec + +install: $(ROOTABILIB) diff --git a/usr/src/lib/libsecdb/spec/private.spec b/usr/src/lib/libsecdb/spec/private.spec new file mode 100644 index 0000000000..d66b4b7b95 --- /dev/null +++ b/usr/src/lib/libsecdb/spec/private.spec @@ -0,0 +1,107 @@ +# +# Copyright 2005 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +#pragma ident "%Z%%M% %I% %E% SMI" +# +# lib/libsecdb/spec/private.spec + +function _argv_to_csl +include <secdb.h> +declaration char *_argv_to_csl(char **src) +execption $return == NULL +version SUNWprivate_1.1 +end + +function _auth_match +include <secdb.h> +declaration int _auth_match(const char *pattern, const char *auth) +version SUNWprivate_1.1 +end + +function _csl_to_argv +include <secdb.h> +declaration char **_csl_to_argv(char *csl) +execption $return == NULL +version SUNWprivate_1.1 +end + +function _do_unescape +include <secdb.h> +declaration char *_do_unescape(char *src) +execption $return == NULL +version SUNWprivate_1.1 +end + +function _free_argv +include <secdb.h> +declaration void _free_argv() +version SUNWprivate_1.1 +end + +function _get_auth_policy +include <secdb.h> +declaration int _get_auth_policy(char **def_auth, char **def_prof) +version SUNWprivate_1.1 +end + +function _insert2kva +include <secdb.h> +declaration int _insert2kva(kva_t *kva, char *key, char *value) +execption $return == 0 +version SUNWprivate_1.1 +end + +function _kva2str +include <secdb.h> +declaration int _kva2str(kva_t *kva, char *buf, int buflen, char *ass, \ + char *del) +execption $return == 0 +version SUNWprivate_1.1 +end + +function _kva_dup +include <secdb.h> +declaration kva_t *_kva_dup(kva_t *old_kva) +version SUNWprivate_1.1 +end + +function _kva_free +include <secdb.h> +declaration void _kva_free(kva_t *kva) +version SUNWprivate_1.1 +end + +function _new_kva +include <secdb.h> +declaration kva_t *_new_kva(int size) +execption $return == NULL +version SUNWprivate_1.1 +end + +function _str2kva +include <secdb.h> +declaration kva_t *_str2kva(char *s, char *ass, char *del) +execption $return == NULL +version SUNWprivate_1.1 +end diff --git a/usr/src/lib/libsecdb/spec/secdb.spec b/usr/src/lib/libsecdb/spec/secdb.spec new file mode 100644 index 0000000000..ce547a2cb3 --- /dev/null +++ b/usr/src/lib/libsecdb/spec/secdb.spec @@ -0,0 +1,34 @@ +# +# Copyright 2005 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +#pragma ident "%Z%%M% %I% %E% SMI" +# +# lib/libsecdb/spec/secdb.spec + +function kva_match +include <secdb.h> +declaration char *kva_match(kva_t *kva, char *key) +version SUNW_1.1 +exception $return == NULL +end diff --git a/usr/src/lib/libsecdb/spec/sparc/Makefile b/usr/src/lib/libsecdb/spec/sparc/Makefile new file mode 100644 index 0000000000..79f8ed9782 --- /dev/null +++ b/usr/src/lib/libsecdb/spec/sparc/Makefile @@ -0,0 +1,44 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright (c) 1999 by Sun Microsystems, Inc. +# All rights reserved. +# +#ident "%Z%%M% %I% %E% SMI" +# +# lib/libsecdb/spec/sparc/Makefile + +.KEEP_STATE: + +include ../Makefile.targ + +# Add arch specific objects here +OBJECTS += + +include $(SRC)/lib/Makefile.lib + +# Uncomment the following if the linker complains +sparc_C_PICFLAGS = -K PIC + +include $(SRC)/lib/Makefile.spec + +install: $(ROOTABILIB) diff --git a/usr/src/lib/libsecdb/spec/sparcv9/Makefile b/usr/src/lib/libsecdb/spec/sparcv9/Makefile new file mode 100644 index 0000000000..0be7dfcc95 --- /dev/null +++ b/usr/src/lib/libsecdb/spec/sparcv9/Makefile @@ -0,0 +1,45 @@ +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# +# Copyright (c) 1999 by Sun Microsystems, Inc. +# All rights reserved. +# +#ident "%Z%%M% %I% %E% SMI" +# +# lib/libsecdb/spec/sparcv9/Makefile + +.KEEP_STATE: + +include ../Makefile.targ + +# Add arch specific objects here +OBJECTS += + +include $(SRC)/lib/Makefile.lib +include $(SRC)/lib/Makefile.lib.64 + +# Uncomment the following if the linker complains +sparcv9_C_PICFLAGS = -K PIC + +include $(SRC)/lib/Makefile.spec + +install: $(ROOTABILIB64) diff --git a/usr/src/lib/libsecdb/spec/versions b/usr/src/lib/libsecdb/spec/versions new file mode 100644 index 0000000000..38a2cfc77a --- /dev/null +++ b/usr/src/lib/libsecdb/spec/versions @@ -0,0 +1,43 @@ +# +# Copyright 2005 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# ident "%Z%%M% %I% %E% SMI" +# + +sparc { + SUNW_1.1; + SUNWprivate_1.1; +} +sparcv9 { + SUNW_1.1; + SUNWprivate_1.1; +} +i386 { + SUNW_1.1; + SUNWprivate_1.1; +} +amd64 { + SUNW_1.1; + SUNWprivate_1.1; +} diff --git a/usr/src/lib/libsecdb/user_attr.txt b/usr/src/lib/libsecdb/user_attr.txt new file mode 100644 index 0000000000..de173ce94f --- /dev/null +++ b/usr/src/lib/libsecdb/user_attr.txt @@ -0,0 +1,33 @@ +# +# Copyright 2005 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License, Version 1.0 only +# (the "License"). You may not use this file except in compliance +# with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# +# /etc/user_attr +# +# user attributes. see user_attr(4) +# +#pragma ident "%Z%%M% %I% %E% SMI" +# +root::::auths=solaris.*,solaris.grant;profiles=All;lock_after_retries=no +lp::::profiles=Printer Management +adm::::profiles=Log Management |