KUSEROK(3) BSD Programmer's Manual KUSEROK(3)
kuserok - Kerberos version of ruserok
S
\bSY
\bYN
\bNO
\bOP
\bPS
\bSI
\bIS
\bS
#
\b#i
\bin
\bnc
\bcl
\blu
\bud
\bde
\be <
\b<k
\bke
\ber
\brb
\bbe
\ber
\bro
\bos
\bsI
\bIV
\bV/
\b/k
\bkr
\brb
\bb.
\b.h
\bh>
\b>
k
\bku
\bus
\bse
\ber
\bro
\bok
\bk(
\b(k
\bkd
\bda
\bat
\bta
\ba,
\b, l
\blo
\boc
\bca
\bal
\blu
\bus
\bse
\ber
\br)
\b)
A
\bAU
\bUT
\bTH
\bH_
\b_D
\bDA
\bAT
\bT *
\b*a
\bau
\but
\bth
\bh_
\b_d
\bda
\bat
\bta
\ba;
\b;
c
\bch
\bha
\bar
\br *
\b*l
\blo
\boc
\bca
\bal
\blu
\bus
\bse
\ber
\br;
\b;
D
\bDE
\bES
\bSC
\bCR
\bRI
\bIP
\bPT
\bTI
\bIO
\bON
\bN
_
\bk_
\bu_
\bs_
\be_
\br_
\bo_
\bk determines whether a Kerberos principal described
by the structure _
\ba_
\bu_
\bt_
\bh_
\b__
\bd_
\ba_
\bt_
\ba is authorized to login as user
_
\bl_
\bo_
\bc_
\ba_
\bl_
\bu_
\bs_
\be_
\br according to the authorization file
("~_
\bl_
\bo_
\bc_
\ba_
\bl_
\bu_
\bs_
\be_
\br/.klogin" by default). It returns 0 (zero) if
authorized, 1 (one) if not authorized.
If there is no account for _
\bl_
\bo_
\bc_
\ba_
\bl_
\bu_
\bs_
\be_
\br on the local machine,
authorization is not granted. If there is no authoriza-
tion file, and the Kerberos principal described by
_
\ba_
\bu_
\bt_
\bh_
\b__
\bd_
\ba_
\bt_
\ba translates to _
\bl_
\bo_
\bc_
\ba_
\bl_
\bu_
\bs_
\be_
\br (using _
\bk_
\br_
\bb_
\b__
\bk_
\bn_
\bt_
\bo_
\bl_
\bn(3)),
authorization is granted. If the authorization file can't
be accessed, or the file is not owned by _
\bl_
\bo_
\bc_
\ba_
\bl_
\bu_
\bs_
\be_
\br_
\b, autho-
rization is denied. Otherwise, the file is searched for a
matching principal name, instance, and realm. If a match
is found, authorization is granted, else authorization is
The file entries are in the format:
S
\bSE
\bEE
\bE A
\bAL
\bLS
\bSO
\bO
kerberos(3), ruserok(3), krb_kntoln(3)
~_
\bl_
\bo_
\bc_
\ba_
\bl_
\bu_
\bs_
\be_
\br/.klogin authorization list
MIT Project Athena Kerberos Version 4.0 1