.\" $Source: /usr/src/kerberosIV/man/RCS/kuserok.3,v $
.\" $Header: /usr/src/kerberosIV/man/RCS/kuserok.3,v 4.2 90/06/25 21:12:39 kfall Exp $
.\" Copyright 1989 by the Massachusetts Institute of Technology.
.\" For copying and distribution information,
.\" please see the file <mit-copyright.h>.
.TH KUSEROK 3 "Kerberos Version 4.0" "MIT Project Athena"
kuserok \- Kerberos version of ruserok
#include <kerberosIV/krb.h>
kuserok(kdata, localuser)
determines whether a Kerberos principal described by the structure
is authorized to login as user
according to the authorization file
("~\fIlocaluser\fR/.klogin" by default). It returns 0 (zero) if authorized,
1 (one) if not authorized.
If there is no account for
on the local machine, authorization is not granted.
If there is no authorization file, and the Kerberos principal described
authorization is granted.
If the authorization file
can't be accessed, or the file is not owned by
authorization is denied. Otherwise, the file is searched for
a matching principal name, instance, and realm. If a match is found,
authorization is granted, else authorization is denied.
The file entries are in the format:
kerberos(3), ruserok(3), krb_kntoln(3)