siacfg(8) — Maintenance
NAME
siacfg − Update a matrix.conf file for adding or removing SIA mechanisms
SYNOPSIS
/usr/sbin/siacfg [−[arul]] [g group_codes] [−[PA]] [−R other_mech] [−D] [−F matrix_file] name path
OPTIONS
−aAdd a new mechanism. Mutually exclusive with −r, −u, and −l.
−rRemove a mechanism. Mutually exclusive with −a, −u, and −l. The path parameter is optional when this option is specified.
−uUpdate a mechanism. Mutually exclusive with −a, −r, and −l. Used when a new version of a mechanism is installed which supports more of the entrypoints.
−lChange the definition of the local mechanism. Mutually exclusive with −a, −r, and −u. This should only be used with the SIA mechanisms supplied by HP.
−g group_codes
Specify which functional groups are supported by the given mechanism. The functional groups are specified by the following characters for use with the −g option:
sThe session routines (siad_ses_∗(), siad_chk_invoker()).
pThe ∗pwent routines (siad_setpwent(), siad_endpwent(), siad_getpwent(), siad_getpwuid(), siad_getpwnam()).
gThe ∗grent routines (siad_setgrent(), siad_endgrent(), siad_getgrent(), siad_getgrgid(), siad_getgrnam()).
cThe change routines (siad_chk_user(), siad_chg_∗()).
iThe ∗init routine (siad_init()). The i code is not truly optional, and will be assumed even if it is not specified. It is provided as an option for the −goption so that a mechanism which supports nothing else can be specified. It is an error to support the change routines without supporting the session routines.
If this option is not specified, an attempt will be made to determine which routines are supported by the associated shared library by using dlopen() and dlsym() to find the corresponding entrypoints.
−PPrepend. Only meaningful with −a, and mutually exclusive with −A. Specifies that this mechanism should be added as the very first one to be tried. This is the default behavior.
−AAppend. Only meaningful with −a, and mutually exclusive with −P. Specifies that this mechanism should be added as the very last non-local mechanism.
−R other_mech
Relative positioning. Only meaningful with −A or −P, this option modifies the meaning of those options to specify an insertion point relative to the specified other mechanism. For −A this will be immediately after it, and for −P it will be immediately before it.
ARGUMENTS
name
The name to be associated with the given mechanism, such as DCE, BSD, OSFC2, ASDU, or AFS.
pathThe path to the shared library which contains the entry points for this mechanism. Required for all but the −r option.
DESCRIPTION
The siacfg utility provides a way to update the /etc/sia/matrix.conf files without the errors which are likely during hand-editing. The use of this utility also prevents the proliferation of pre-built configuration files which result from trying to supply pre-built configurations in support of systems with BASE or ENHANCED security, with or without DCE, and with or without ASDU.
EXAMPLES
An example of how to use this utility to convert from BASE to ENHANCED security:
# siacfg -l -g isc OSFC2 /usr/shlib/libsecurity.so
To add DCE SIA support to a system:
# siacfg -a DCE /usr/shlib/libdcesiad.so
To remove DCE from the matrix.conf file:
# siacfg -r DCE
To create a default BSD matrix.conf file:
# siacfg -l BSD libc.so
To create a default enhanced security matrix.conf file:
# siacfg -l OSFC2 /usr/shlib/libsecurity.so
FILES
/usr/sbin/siacfg
Executable.
/etc/sia/matrix.conf
SIA mechanism configuration file.
SEE ALSO
Files: matrix.conf(4)