Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ ap(ADM) — OpenDesktop 3.0.0

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

addxusers(ADM)

authck(ADM)

authcap(F)

fields(S)

getprpwent(S)

getpwent(S)

passwd(FP)

subsystems(S)


 ap(ADM)                         19 June 1992                         ap(ADM)


 Name

    ap - generate account profile for propagation to other machines

 Syntax

    ap -d [ -v ] [ usernames ]

    ap -r -f file [ -o ] [ -v ] [ usernames ]

 Description

    ap allows the propagation of user accounts by generating an archive that
    can be loaded on other machines.

    ap -d writes an account profile entry to the standard output for each
    username specified. If no usernames are specified, account profiles are
    written for all users listed in the password file.

    ap -r restores account profile information from the file specified by the
    -f option, which is assumed to be the product of a previous ap -d. If no
    usernames are specified, all the account profiles contained in the file
    are restored: otherwise only the account profiles for the specified users
    are restored.

    An account profile entry consists of the user's line from the password
    file followed by all relevant parts of their Protected Password database
    entry. The following Protected Password database fields are irrelevant
    and are not copied:

       Time of last unsuccessful password change.
       Time of last successful and last unsuccessful login.
       Terminal of last successful and last unsuccessful login.
       Number of consecutive unsuccessful logins.

    The -v (verbose) option causes ap to output a message to the standard
    error for each account profile dumped or restored.

    The -o (overwrite) option causes ap to overwrite an existing account pro-
    file which has the same username and user ID as one being restored. If
    the -o option is not specified a message is output and existing entries
    are not overwritten.

 Examples

    To dump the account profiles for users root and guest to a file called
    profiles and display a message after each account profile is dumped:

       ap -dv root guest > profiles

    This file can then be transferred to another machine. To restore the
    account profile for user root, overwriting any existing profile:

       ap -ro -f profiles root


 Files

    /etc/passwd           Password file
    /etc/shadow           Shadow Password file
    /tcb/files/auth/?/*   Protected Password database
    /etc/auth/subsystems/*
                          Subsystem Authorizations database

 See also

    addxusers(ADM), authck(ADM), authcap(F), fields(S), getprpwent(S),
    getpwent(S), passwd(FP), subsystems(S)

 Diagnostics

    If ap detects a fatal error, it displays an appropriate error message and
    exits with status greater than zero. If no errors are encountered, ap
    exits with status zero.

 Notes

    ap requires the invoking user to be the super user or have the auth sub-
    system authorization, and have both the chown and execsuid kernel author-
    izations.

    As different machines may have different System Default values, the same
    profile transferred to another machine may give the user different capa-
    bilities simply because different default values are picked up for fields
    not present in the user's Protected Password database entry.

    As the file containing the dumped account profile information is used to
    update the password and Protected Password database, it must be protected
    from unauthorized access in the same way the Protected Password database
    entries themselves are protected.

 Value added

    ap is an extension of AT&T System V provided by The Santa Cruz Operation,
    Inc.


Typewritten Software • bear@typewritten.org • Edmonds, WA 98026