Rechercher une page de manuel
krb5_kuserok
Langue: en
Version: 267437 (debian - 07/07/09)
Section: 3 (Bibliothèques de fonctions)
BSD mandoc
HEIMDAL
NAME
krb5_kuserok - checks if a principal is permitted to login as a userLIBRARY
Kerberos 5 Library (libkrb5, -lkrb5)SYNOPSIS
In krb5.h Ft krb5_boolean Fo krb5_kuserok Fa krb5_context context Fa krb5_principal principal Fa const char *user FcDESCRIPTION
This function takes the name of a local Fa user and checks if Fa principal is allowed to log in as that user.The Fa user may have a ~/.k5login file listing principals that are allowed to login as that user. If that file does not exist, all principals with a first component identical to the username, and a realm considered local, are allowed access.
The .k5login file must contain one principal per line, be owned by Fa user , and not be writable by group or other (but must be readable by anyone).
Note that if the file exists, no implicit access rights are given to Fa user Ns @ Ns Aq localrealm .
Optionally, a set of files may be put in ~/.k5login.d ( a directory), in which case they will all be checked in the same manner as .k5login The files may be called anything, but files starting with a hash ``( # )'' or ending with a tilde ``( ~'' are ignored. Subdirectories are not traversed. Note that this directory may not be checked by other implementations.
RETURN VALUES
returns TRUE if access should be granted, FALSE otherwise.HISTORY
The ~/.k5login.d feature appeared in Heimdal 0.7.SEE ALSO
krb5_get_default_realms3, krb5_verify_user3, krb5_verify_user_lrealm3, krb5_verify_user_opt3, krb5.conf5Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre