FIELDS(S) UNIX System V FIELDS(S)
Name
fields - return status based on fields of authentication
database
Syntax
#include <sys/types.h>
#include <sys/security.h>
#include <sys/audit.h>
#include <prot.h>
int running_secure ()
int locked_out (pr)
struct pr_passwd *pr;
void read_pw_fields (fld, flg)
struct pr_field *fld;
struct pr_flag *flg;
void store_pw_fields (f, name, fd, fg)
FILE *f;
char *name;
struct pr_field *fd;
struct pr_flag *fg;
void read_tc_fields (fld, flg)
struct t_field *fld;
struct t_flag *flg;
void store_tc_fields (f, name, fd, fg)
FILE *f;
char *name;
struct t_field *fd;
struct t_flag *fg;
void read_fi_fields (fld, flg)
struct f_field *fld;
struct f_flag *flg;
void store_fi_fields (f, name, fd, fg)
FILE *f;
char *name;
struct f_field *fd;
struct f_flag *fg;
void read_cm_fields (fld, flg)
struct c_field *fld;
struct c_flag *flg;
void store_cm_fields (f, name, fd, fg)
FILE *f;
char *name;
struct c_field *fd;
struct c_flag *fg;
void store_df_fields (f, name, pr)
register FILE *f;
char *name;
struct pr_default *pr;
Description
These routines return various information based on the user,
process environment, and the values within the
authentication database.
Running_secure returns a 0 if the system is not running in a
secure state and non-zero if the system is running in a
secure state. Programs can use this to determine if extra
checking needs to be done or if tighter controls on data
(e.g., less file permissions) need to be presented.
Locked_out returns 1 if the user represented in the
pr_passwd structure referenced by pr cannot log in for some
reason and returns 0 if the user is able to log in. The
reasons include: unconditional lock-out from the system
administrator, too many unsuccessful login tries, and/or the
password lifetime has past. This routine is used prior to
fashioning a session for an account, be it login, at, cron,
or su sessions.
Read_pw_fields fills in the pr_field and pr_flag parts of a
pr_passwd structure with the contents from the current
protected password entry. This entry must previously be
obtained with a getprpwent(S) or getprpwnam(S) call.
Store_pw_fields is the inverse of read_pw_fields. It
creates a file entry based on one of the pr_passwd structure
components pr_field and pr_flag, and writes them to the
protected password database under the key name to file f.
The read_fi_fields and store_fi_fields routines,
read_tc_fields and store_tc_fields routines, and
read_cm_fields and store_cm_fields routines perform similar
actions for the File Control, Terminal Control and Command
Control Databases respectively, using the appropriate field
and flag structures. perform similar actions for the
Store_df_fields updates the default entry name in file f
with information held in pr.
The read_pw_fields, read_fi_fields, read_tc_fields and
read_cm_fields routines may be applied to either an entry in
their respective databases or to a defaults entry. The
pr_passwd, pr_term, pr_file and pr_command structures
contain extra elements to hold default values.
Notes
The non-zero binding of running_secure and the type of
secure class of operation (TCSEC C1, C2, B1, B2, B3, A1) is
yet to be determined.
See Also
getprpwent(S), getprtcent(S), getprfient(S), getprcment(S),
getprdfent(S), authcap(S), authcap(F)
(printed 6/20/89)