Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ secstat(1) — DG/UX 5.4.2T

Media Vault

Software Library

Restoration Projects

Artifacts Sought



secstat(1)                 C2 Trusted DG/UX 5.4.2T                secstat(1)


NAME
       secstat - list security attribute status

SYNOPSIS
       secstat [-alpqr] [-c | -b] object ...

   where:
       object is a pathname

DESCRIPTION
       The secstat command displays the status of the security attributes on
       a file object, based upon the information in the file object's
       internal data structures. The information returned indicates:

       ⊕  whether a file has an extended ACL

       ⊕  whether a directory has a default ACL

   Options are:
       -a   Causes secstat to display status information of files beginning
            with '.', when the -r option is selected.

       -b   Display security attribute status information in binary form.

       -c   Display security attribute status information in character
            format (the default).

       -l   Causes secstat to not process target files that are symbolic
            links (i.e., links are not resolved, and no information about a
            link itself is displayed).

       -p   Causes the absolute pathname of the file to be displayed with
            all symbolic links resolved (assuming the absence of the -l
            option).

       -q   Stops secstat from writing diagnostic messages. The usage error
            message is always written.

       -r   causes secstat to recursively descend through directory file
            objects, displaying the security attribute status of each file
            object.

       -c and -b cannot both be specified.


   Output Format
       If no output format is specified, or -c is specified, then the
       secstat command displays the security attribute status information in
       character format.

       The first line will list the object type (directory, file, pipe),
       followed by a colon and a space, followed by the object name.

       The second line will indicate whether the file object has a minimum



Licensed material--property of copyright holder(s)                         1




secstat(1)                 C2 Trusted DG/UX 5.4.2T                secstat(1)


       ACL or an extended ACL (minimum ACL, extended ACL). If the file
       object is a directory that has a default ACL, this line will also
       include a second, space-separated field so indicating ( default ACL).

       If binary output format is specified (-b), then the secstat command
       displays the object type, followed by a colon, a space, and the
       object name, followed by a colon, a space and the hex value of the
       secpattrs field (see dgsecstat(2)). If the object is a directory,
       this information is followed by a space and the hex value of the
       directory subtype field.

       The output for each object will be followed by a blank line.

EXAMPLES
       A directory /regdir has no extended ACL.

       $secstat regdir
       directory file: regdir
       minimum ACL

       A regular file /regfile has an extended ACL.

       $secstat regfile
       file: regfile
       extended ACL

       Both file objects above are specified on the same command line.

       $secstat regdir regfile
       directory file: regdir
       minimum ACL

       file: regfile
       extended ACL

DIAGNOSTICS
       secstat writes all diagnostic messages to stderr.  The secstat
       command exits with one of the following values:

       0   The security attribute status of all file objects was
           successfully reported.

       2   secstat could not access one or more file objects.

       3   secstat usage is wrong

NOTES
       It is of little interest to see the security attributes of symbolic
       links.  These attributes play no role in the Trusted access control
       policy or mechanism.

       The absence of any security attribute that would occupy space in the
       ufia (e.g., a file with a minimum ACL) does not assure that the file
       has no ufia.  There are other entities that can be placed in the



Licensed material--property of copyright holder(s)                         2




secstat(1)                 C2 Trusted DG/UX 5.4.2T                secstat(1)


       ufia, such as by the dgsetftamattrs(2) system call, or by site
       specific commands or device drivers.

SEE ALSO
       dgsecstat(2)

       Trusted Facility Manual for the C2 Trusted DG/UX System


















































Licensed material--property of copyright holder(s)                         3


Typewritten Software • bear@typewritten.org • Edmonds, WA 98026