Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ kuserok(3) — BSD/386 1.0

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

kerberos(3)

ruserok(3)

krb_kntoln(3)



KUSEROK(3)                                             KUSEROK(3)


NAME
       kuserok - Kerberos version of ruserok

SYNOPSIS
       #include <kerberosIV/krb.h>

       kuserok(kdata, localuser)
       AUTHDAT *authdata;
       char   *localuser;

DESCRIPTION
       kuserok  determines whether a Kerberos principal described
       by the structure authdata is authorized to login as  user
       localuser    according    to    the   authorization   file
       ("~localuser/.klogin" by default).  It returns 0 (zero) if
       authorized, 1 (one) if not authorized.

       If there is no account for localuser on the local machine,
       authorization is not granted.  If there is  no  authoriza-
       tion   file,  and  the  Kerberos  principal  described  by
       authdata translates to localuser  (using  krbkntoln(3)),
       authorization is granted.  If the authorization file can't
       be accessed, or the file is not owned by localuser, autho-
       rization is denied.  Otherwise, the file is searched for a
       matching principal name, instance, and realm.  If a  match
       is  found, authorization is granted, else authorization is
       denied.

       The file entries are in the format:
                 name.instance@realm
       with one entry per line.

SEE ALSO
       kerberos(3), ruserok(3), krb_kntoln(3)

FILES
       ~localuser/.klogin  authorization list




















MIT Project Athena     Kerberos Version 4.0                     1


Typewritten Software • bear@typewritten.org • Edmonds, WA 98026