Man page of edauth
Section: Maintenance Commands (8)
Return to Main Contents
edauth - update and list authcap database information (Enhanced
/usr/tcb/bin/edauth [-d db] [-L|-N] [-q] [-v] entryname ...
/usr/tcb/bin/edauth -g [-d db] [-L|-N] [-q] [-v] [entryname...]
/usr/tcb/bin/edauth -s [-d db] [-L|-N] [-R] [-U uid] [-C] [-q] [-v]
/usr/tcb/bin/edauth -r [-d db] [-L|-N] [-q] [-v] entryname...
- -d db
Specifies which database to use. Select from one of the characters d, f,
p, t, or v.
d - /etc/auth/system/default
f - /etc/auth/system/files
p - User profile data in the
/tcb/files/auth.db and /var/tcb/files/auth.db files.
t - /etc/auth/system/ttys.db
v - /etc/auth/system/devassign
The default database is p (user profiles) if no -d option is given.
Gets the named entries (or all) and prints them to standard output rather than
If the -q option is also given, the entries are not printed, and the
exit status is the only confirmation of whether at least one entry would
have been printed if -q had not been specified.
Removes (deletes) named entries rather than editing them.
Sets new values based on pre-edited entries read from standard input.
If a new entry is being created, the corresponding
passwd entry must be created first.
If the -C
option is not given, existing entries will be overwritten by the new data.
Gives more verbose messages.
Restricts the -s option to creating new entries only, rather than possibly
overwriting existing ones.
Uses only local entries, not NIS.
Uses only NIS entries, not local.
Causes new local user-profile entries to be written to the root partition
only, no matter what the uid of the profile.
- -U uid
Specifies the minimum general user UID. User-profile entries with UIDs
less than this value (default of 100) will be written to the root partition in
the /tcb/files/auth.db file. Profiles with uids greater than or equal to
the specified value will be written to the /var/tcb/files/auth.db file.
Print a help message and exit successfully with no further processing.
The edauth utility is used to make changes to the system databases used
by the ENHANCED security subsets. It is intended for disaster-recovery
situations, since the GUIs provide a much friendlier interface. However,
for sites where X is not available, it can be used for general maintenance
of these databases.
If none of the -s, -g, or -r options are given, edauth will
extract each matching entry into a temporary file, and allow the user to edit
that entry. If the edited entry has more unparsed fields than did the old
copy, a warning is given. If the -v option was given, the unparsed text
Editing and setting of entries in NIS maps is only allowed on the
NIS master host, in which case the changes are made to the NIS
map source files themselves, and a make of the NIS maps is
then performed by edauth.
The only option available to an unprivileged user is displaying
the publicly-accessible databases or the user's own profile.
To display just the wildcard entries from the ttys and devassign
# edauth -g -dt '*' '*:*'
# edauth -g -dv '*' '*:*'
To display the system defaults data:
# edauth -g -dd
For an unprivileged user to display his or her own profile:
# edauth -g
For a privileged user to display all user profiles:
# edauth -g
To display the user profile for root:
# edauth -g root
To edit the entry for user root:
# edauth root
To edit the ttys database entry for lat/628:
# edauth -dt lat/628
To edit the NIS profile entry for user nobody:
# edauth -N nobody
To add a template of cis401 to a list of user names contained in
a file named students:
edauth -g `cat students` \
| sed 's/:chkent:/:u_template=cis401:chkent:/' \
| edauth -s
The following environment variables may be used by edauth:
Checked for being set only, in order to determine whether the $VISUAL
environment variable should be consulted to find an editor to use.
The $TERM variable is also likely to be used by the editor that is
Consulted to find the editor to use when editing data, if the $TERM
environment variable is set.
Consulted to find the editor to use when editing data. If neither
the $VISUAL nor the
$EDITOR environment variable is available, edauth will check
/usr/bin/ex and /sbin/ed for execute permissions and will
stop attempts to edit data if none can be found.
Other environment variables which are likely to be used:
This environment variable is checked by the /var/yp/Makefile file when
updating the NIS maps in order to determine whether to force the NIS slave
servers to update their maps immediately (and to wait for that update).
convuser(8), convauth(8), authck(8)
authcap(4), prpasswd(4), ttys(4), default(4),
- RELATED INFORMATION
This document was created by
using the manual pages.
Time: 02:40:29 GMT, October 02, 2010