unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (4.4BSD-Lite2)
Page:
Section:
Apropos / Subsearch:
optional field



KUSEROK(3)           BSD Programmer's Manual           KUSEROK(3)


NAME
       kuserok - Kerberos version of ruserok

SYNOPSIS
       #include <&lt;kerberosIV/krb.h>&gt;

       kuserok(kdata, localuser)
       AUTH_DAT *auth_data;
       char   *localuser;

DESCRIPTION
       kuserok  determines whether a Kerberos principal described
       by the structure auth_data is authorized to login as  user
       localuser    according    to    the   authorization   file
       ("~localuser/.klogin" by default).  It returns 0 (zero) if
       authorized, 1 (one) if not authorized.

       If there is no account for localuser on the local machine,
       authorization is not granted.  If there is  no  authoriza-
       tion   file,  and  the  Kerberos  principal  described  by
       auth_data translates to localuser  (using  krb_kntoln(3)),
       authorization is granted.  If the authorization file can't
       be accessed, or the file is not owned by localuser, autho-
       rization is denied.  Otherwise, the file is searched for a
       matching principal name, instance, and realm.  If a  match
       is  found, authorization is granted, else authorization is
       denied.

       The file entries are in the format:
                 name.instance@realm
       with one entry per line.

SEE ALSO
       kerberos(3), ruserok(3), krb_kntoln(3)

FILES
       ~localuser/.klogin  authorization list

















MIT Project Athena     Kerberos Version 4.0                     1