siacfg(8)siacfg(8)NAMEsiacfg - Update a matrix.conf file for adding or removing SIA mecha‐
nisms
SYNOPSIS
/usr/sbin/siacfg [-[arul]] [g group_codes] [-[PA]] [-R other_mech]
[-D] [-F matrix_file] name path
OPTIONS
Add a new mechanism. Mutually exclusive with -r, -u, and -l. Remove a
mechanism. Mutually exclusive with -a, -u, and -l. The path parameter
is optional when this option is specified. Update a mechanism. Mutu‐
ally exclusive with -a, -r, and -l. Used when a new version of a mech‐
anism is installed which supports more of the entrypoints. Change the
definition of the local mechanism. Mutually exclusive with -a, -r, and
-u. This should only be used with the SIA mechanisms supplied by HP.
Specify which functional groups are supported by the given mechanism.
The functional groups are specified by the following characters for use
with the -g option: The session routines (siad_ses_*(),
siad_chk_invoker()). The *pwent routines (siad_setpwent(), siad_endp‐
went(), siad_getpwent(), siad_getpwuid(), siad_getpwnam()). The *grent
routines (siad_setgrent(), siad_endgrent(), siad_getgrent(), siad_get‐
grgid(), siad_getgrnam()). The change routines (siad_chk_user(),
siad_chg_*()). The *init routine (siad_init()). The i code is not
truly optional, and will be assumed even if it is not specified. It is
provided as an option for the -goption so that a mechanism which sup‐
ports nothing else can be specified. It is an error to support the
change routines without supporting the session routines.
If this option is not specified, an attempt will be made to
determine which routines are supported by the associated shared
library by using dlopen() and dlsym() to find the corresponding
entrypoints. Prepend. Only meaningful with -a, and mutually
exclusive with -A. Specifies that this mechanism should be added
as the very first one to be tried. This is the default behavior.
Append. Only meaningful with -a, and mutually exclusive with -P.
Specifies that this mechanism should be added as the very last
non-local mechanism. Relative positioning. Only meaningful with
-A or -P, this option modifies the meaning of those options to
specify an insertion point relative to the specified other mech‐
anism. For -A this will be immediately after it, and for -P it
will be immediately before it.
ARGUMENTS
The name to be associated with the given mechanism, such as DCE, BSD,
OSFC2, ASDU, or AFS. The path to the shared library which contains the
entry points for this mechanism. Required for all but the -r option.
DESCRIPTION
The siacfg utility provides a way to update the /etc/sia/matrix.conf
files without the errors which are likely during hand-editing. The use
of this utility also prevents the proliferation of pre-built configura‐
tion files which result from trying to supply pre-built configurations
in support of systems with BASE or ENHANCED security, with or without
DCE, and with or without ASDU.
EXAMPLES
An example of how to use this utility to convert from BASE to ENHANCED
security:
# siacfg-l -g isc OSFC2 /usr/shlib/libsecurity.so
To add DCE SIA support to a system:
# siacfg-a DCE /usr/shlib/libdcesiad.so
To remove DCE from the matrix.conf file:
# siacfg-r DCE
To create a default BSD matrix.conf file:
# siacfg-l BSD libc.so
To create a default enhanced security matrix.conf file:
# siacfg-l OSFC2 /usr/shlib/libsecurity.so
FILES
Executable. SIA mechanism configuration file.
SEE ALSO
Files: matrix.conf(4)siacfg(8)