devassign(4)devassign(4)NAMEdevassign - Device assignment database file (Enhanced Security)
DESCRIPTION
The system supports a single device assignment database that contains
entries for login terminals and X terminals. Authentication programs
use information in the device assignment database to determine if a
login is permitted on the terminal. Information from the terminal con‐
trol database, /etc/auth/system/ttys.db, can also affect terminal login
permissions.
A device assignment database entry consists of keyword field identi‐
fiers and values for those fields. If a necessary value is not speci‐
fied in an entry, a default value for the field is supplied from the
system default file, /etc/auth/system/default. The edauth utility is
used to alter device assignment database entries.
The format of the terminal control database file is identical to other
system authentication database files and is described in the authcap(4)
reference page. The following keyword identifiers are supported: The
identifier in this field specifies a comma-separated list of aliases
that refer to the same device defined by the entry. Use of this field
avoids the need to replicate device assignment database entries for all
device aliases. This field is ignored if it is set in a template or in
the default database. This field specifies the device that is
described by the entry. Device types supported include: The device is
assigned as a local login terminal device. The X windows display entry
for handling graphics heads or X terminals.
This field is ignored if it is set in a template or in the
default database. This field, if specified, contains a comma-
separated list of user names that are permitted to use the
device for login or the import and export of data. If the list
is not present, all users are permitted to use the device. If
the list is present, it is searched for a match by the login
program to determine if the user is permitted to use the device.
This field is ignored if it is set in a template or in the
default database.
EXAMPLES
The following example shows a device assignment database entry for a
terminal device with a list of allowed users:
tty0:v_devs=/dev/tty0:\ :v_type=terminal:v_users=may,tdy,ssv,rgb:\
:chkent:
The following example shows a device assignment database entry for an X
terminal device:
local\:0|local\:0.0:v_devs=local\:0,local\:0.0:v_type=xdisplay:chkent:
FILES
Specifies the pathname of the file.
SEE ALSO
Commands: cpio(1), login(1), tar(1), edauth(8)
Functions: getdvagent(3)
Files: authcap(4), default(4), ttys(4)devassign(4)