devassign - Device assignment database file (Enhanced Security)
The system supports a single device assignment database that contains
entries for login terminals and X terminals. Authentication programs use
information in the device assignment database to determine if a login is
permitted on the terminal. Information from the terminal control database,
/etc/auth/system/ttys.db, can also affect terminal login permissions.
A device assignment database entry consists of keyword field identifiers
and values for those fields. If a necessary value is not specified in an
entry, a default value for the field is supplied from the system default
file, /etc/auth/system/default. The edauth utility is used to alter device
assignment database entries.
The format of the terminal control database file is identical to other sys-
tem authentication database files and is described in the authcap(4) refer-
ence page. The following keyword identifiers are supported:
v_devs The identifier in this field specifies a comma-separated list of
aliases that refer to the same device defined by the entry. Use
of this field avoids the need to replicate device assignment
database entries for all device aliases. This field is ignored
if it is set in a template or in the default database.
v_type This field specifies the device that is described by the entry.
Device types supported include:
terminal The device is assigned as a local login terminal dev-
xdisplay The X windows display entry for handling graphics heads
or X terminals.
This field is ignored if it is set in a template or in the default data-
v_users This field, if specified, contains a comma-separated list of user
names that are permitted to use the device for login or the
import and export of data. If the list is not present, all users
are permitted to use the device. If the list is present, it is
searched for a match by the login program to determine if the
user is permitted to use the device.
This field is ignored if it is set in a template or in the
The following example shows a device assignment database entry for a termi-
nal device with a list of allowed users:
The following example shows a device assignment database entry for an X
Specifies the pathname of the file.
Commands: cpio(1), login(1), tar(1), edauth(8)
Files: authcap(4), default(4), ttys(4)