Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ seclib(3C) — Reliant UNIX 5.44c4

Media Vault

Software Library

Restoration Projects

Artifacts Sought

seclib(3C)                                                       seclib(3C)

NAME
     seclib - security library

SYNOPSIS
     #include <seclib.h>

     cc ... -lseclib

DESCRIPTION
     The security library provides a common set of interfaces to provide
     all system Identification and Authentication (I&A) functions. The
     functions take as an argument a login context structure. This struc-
     ture contains all the session information required for the I&A of a
     user.

     The library will automatically check to see if the CSP (Commercial
     Security Package) product has been installed. If it has, it will make
     the CSP features available to the caller automatically. The library is
     composed of several functional groups. The groups are:

     Login Context Group
          The Login Context group is responsible for allocating and deallo-
          cating the login context structure that is used by the other
          security library API calls.

          See secliblogincontext(3C) for more details.

     Password Entry Group
          The Password Entry Group is responsible for all user interaction
          of prompting for and typing in passwords. It will check the pass-
          word for validity, check for various invalid password conditions,
          read in the "real" user name and password as required and read in
          a tokencard password if required. The Password Entry Group is
          also responsible for updating the lastlog file, preparing audit
          records and using syslog(3C) to log success and failure.

          See seclibpassentry(3C) for more details.

     Password Qualifier Group
          The Password Qualifier Group is responsible for the checking of a
          user password entry (in /etc/shadow) for expiration and idle time
          validity. The qualifier group will also check to make sure that a
          user is a member of the appropriate groups to log in.

          See seclibpassqual(3C) for more details.

     Secure Terminal Group
          The Secure Terminal Group is responsible for checking that the
          root user is only logging in (or using su) at a secure location.

          See seclibsecterm(3C) for more details.




Page 1                       Reliant UNIX 5.44                Printed 11/98

seclib(3C)                                                       seclib(3C)

     Autologin Group
          The Autologin Group is responsible for the remote-command style
          of automatic login. This autologin mechanism uses (among others)
          the /etc/host and $HOME/.rhost files.

          See seclibruserok(3C) for more details.

     Password Setting Group
          The Password Setting Group is responsible for giving the user the
          opportunity to set a new password when their old one has expired
          or has not been set.

          See seclibpasswd(3C) for more details.

     Time Windows Group
          The Time Windows Group is responsible for ensuring that the user
          only logs in on authorized terminals and at authorized times.

          See seclibtwindows(3C) for more details.

     Miscellaneous Group
          The Miscellaneous Group provides indirect interfaces to obtain
          the proper umask and ulimit for a process. It also provides
          access to the auditing system (for CSP) and to the lastlog file.

          See seclibmisc(3C) for more details.

FILES
     /var/adm/lastlog

SEE ALSO
     secliblogincontext(3C), seclibmisc(3C), seclibpassentry(3C),
     seclibpassqual(3C), seclibpasswd(3C), seclibruserok(3C),
     seclibsecterm(3C), seclibtwindows(3C).




















Page 2                       Reliant UNIX 5.44                Printed 11/98

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026