*** UNIX MANUAL PAGE BROWSER ***

getprdfent(3) Library Functions Manual getprdfent(3) NAME getprdfent, getprdfnam, putprdfnam - Manipulate system default database entry (Enhanced Security) LIBRARY Security Library (libsecurity.a) SYNOPSIS #include <sys/types.h> #include <sys/security.h> #include <prot.h> struct pr_default *getprdfent(void); struct pr_default *getprdfnam( char *name); void setprdfent(void); void endprdfent(void); int putprdfnam( char *name, struct pr_default *pr); PARAMETERS Specifies a system default database entry name. Specifies a system de- fault database control entry structure. DESCRIPTION The getprdfent() and getprdfnam() functions each return a pointer to an object with the following structure containing the separated-out fields of a line in the system default database. Each line in the database contains a pr_default structure, declared in the prot.h header file as follows: struct system_default_fields { time_t fd_inactivity_timeout; time_t fd_pw_expire_warning; char fd_pw_site_callout[MAXPATHLEN]; mask_t fd_secclass[AUTH_SECCLASSVEC_SIZE]; char fd_boot_authenticate; char fd_audit_enable; } ; struct system_default_flags { unsigned short fg_inactivity_timeout:1, fg_pw_expire_warning:1, fg_secclass:1, fg_boot_authenticate:1, fg_audit_enable, } ; struct pr_default { char dd_name[20]; char dg_name; struct pr_field prd; struct pr_flag prg; struct t_field tcd; struct t_flag tcg; struct dev_field devd; struct dev_flag devg; struct system_default_fields sfld; struct system_default_flags sflg; } ; Currently there is only one entry in the system default database, ref- erenced by the name default. The system default database contains default values for all parameters in the protected password, terminal control, and device assignment databases, as well as configurable system-wide parameters. The fields from the other databases are described in the corresponding reference pages. fd_pw_expire_warning This field is the time, in seconds, before a password's expiration that the system begins printing expiration warnings when the user logs in. fd_secclass Although not used in the software, this field is an indicator of the system's TCSEC (Orange Book) class of trust. fd_boot_authenticate This field is a Boolean flag that indicates whether an authorized user must authenticate before the system begins operation. fd_audit_enable This field is true if the system begins audit at system startup, and is 0 (zero) otherwise. The getprdfent() function returns a pointer to the first pr_default structure in the database when first called. Thereafter, it returns a pointer to the next pr_default structure in the database, so successive calls can be used to search the database (not currently supported). The getprdfnam() function searches from the beginning of the file until a default entry matching name is found, and returns a pointer to the particular structure in which it was found. If an end-of-file or an error is encountered on reading, these functions return a null pointer. Currently, all programs access the default database by calling getprdf- nam() (the default). A call to the setprdfent() function has the effect of rewinding the de- fault control file to allow repeated searches. The endprdfent() func- tion can be called to close the database when processing is complete. The putprdfnam() function puts a new or replaced default control entry pr with key name into the database. If the prg.fg_name field contains a value of 0 (zero), the requested entry is deleted from the system default database. The putprdfnam() function locks the database for all update operations, and performs an endprdfent() after the update or failed attempt. NOTES The value returned by getprdfent() and getprdfnam() refers to a struc- ture that is overwritten by calls to these functions. To retrieve an entry, modify it, and replace it in the database, you must copy the en- try using structure assignment and supply the modified buffer to put- prdfnam(). Programs using these functions must be compiled with -lsecurity. CAUTIONS Do not delete the system default entry. This renders the system unus- able. RETURN VALUES The getprdfent() and getprdfnam() functions return null pointers on EOF or an error. The putprdfnam() function returns a value of 0 (zero) if it cannot add or update the entry. FILES System defaults database. RELATED INFORMATION Functions: getprpwent(3), getprtcent(3), getdvagent(3). Files: default(4) delim off getprdfent(3)