calife.auth(5) format of the calife authorization file

DESCRIPTION

The calife.auth files are files consisting of newline separated records, one per user, containing three colon (``:'') separated fields. These fields are as follows:

name
User's login name / @group
shell
User's shell
user1,user2,...,usern
List of logins allowed for the user name

The name field is the login used to access the computer account.

The login name must never begin with a hyphen (``-''); also, it is strongly suggested that neither upper-case characters or dots (``.'') be part of the name, as this tends to confuse mailers. No field may contain a colon (``:'') as this has been used historically to separate the fields in the user database.

One alternative syntax is to use @group to specify that any user in the given group is allowed to use calife to become root.

The shell field is the command interpreter the user prefers. If there is nothing in the shell field, the user's current shell as found in the (/etc/passwd ) file is assumed.

If the shell field is '*', then the account is considered as locked and access is denied.

If the third parameter is specified, it is assumed to be the list of login the current user has the right to become. It enables use of calife for non-root only accounts.

calife.auth is placed in /etc

EXAMPLE

# calife.auth-dist
#
# Format
#
# name[:shell_to_be_run][:user1,user2,usern]
#
fcb
roberto:/bin/tcsh
pb::guest,blaireau

HISTORY

A file format appeared in DG/UX and SunOS, written for Antenne 2 in 1991. It has evolved with the extra shell specification. The login list was reintroduced in 2.7.

AUTHOR

Ollivier Robert <[email protected]>