seclib_ruserok(3C) seclib_ruserok(3C)
NAME
seclibruserok - checking automatic login
SYNOPSIS
cc ... -lseclib
#include <seclib.h>
enum seclibreturnval
seclibruserok(enum secatooptions, char *ruser,
struct logincontext *);
DESCRIPTION
The Autologin Group is responsible for the remote-command style of
automatic login. This autologin mechanism uses (among others) the
/etc/host and $HOME/.rhost files.
In addition to the normal ruserok functionality, the seclibruserok()
function will:
- SECAAUTOLOGIN
Master switch for autologin functionality. If the
STRICTRHOSTMODES flag is set in /etc/default/login, the autologin
will be disallowed if the $HOME/.rhost file is not mode 600 and
owned by the user -- or owned by root.
- SECAEQUIVHOSTS
Allow autologin if the remote machine is in the /etc/hosts.equiv
file.
- SECADENYRHOSTS (CSP feature)
Disallow autologin if the remote machine is in the /etc/hosts.deny
file
- SECADISABLERHOST (CSP feature)
Disallow use of the $HOME/.rhosts file.
- SECAMINIMUMUID (CSP feature)
Disallow autologin if the user's uid is below the MINIMUMUID set in
/etc/default/login.
ARGUMENTS
secatooptions
A bitmask that directs the function to enable particular
features. The complete list of values in the bitmask may be
found in the seclib.h header.
Page 1 Reliant UNIX 5.44 Printed 11/98
seclib_ruserok(3C) seclib_ruserok(3C)
logincontext
A value as returned by secliblogincontext(). The structure
referenced by this pointer contains all of the session infor-
mation required to authenticate a user via the security
library.
ruser The name of the user on the remote host that is requesting
access.
RETURN VALUE
The functions return the seclibreturnval enumeration. The functions
will return:
SECROK
The function completed processing without encountering a system
error.
NOTE: the function will return SECROK even if it sets
context->reason to a failure value.
SECRCALLFAILED
The function call failed. This is usually because a system call
failed (such as a malloc() failing when a brk() call returned
with an error).
SECRBADOPTION
The function was called with an invalid argument.
SEE ALSO
seclib(3C), secliblogincontext(3C), seclibmisc(3C),
seclibpassentry(3C), seclibpassqual(3C), seclibpasswd(3C),
seclibsecterm(3C), seclibtwindows(3C), hosts.equiv(4).
Page 2 Reliant UNIX 5.44 Printed 11/98