getauth, setauth, rmauth - auth database maintenance
The command takes as it's only argument a user name or UID. If a user
name is supplied it is converted to a UID by searching through The UID
is then used to look up the users entry in the database. If an entry
is found it is converted to an ASCII string with a syntax resembling
that of the passwd file and printed out as a single line. If no entry
is found nothing is printed and an exit status of `1' is returned.
# getauth username
The first field is the UID of the entry which is used as the key into
the database. Then follows: the encrypted password, password modifica‐
tion time, minimum password lifetime, maximum password lifetime,
account mask, login failure count, audit ID, audit control, audit mask,
and a reserved field.
If the optional username argument is not supplied to getauth it will
produce an output line for every entry in the auth database.
The command expects one or more lines from the standard input which
must be of a form identical to that produced by the command. The com‐
mand converts and stores these lines into the database, one entry per
line, replacing any entry already existing for the given UID. By pip‐
ing the output of the command into the input of the command an expen‐
sive NOP can be produced:
# /usr/etc/sec/getauth | /usr/etc/sec/setauth
The command expects exactly one argument, the user name or UID of an
auth entry to be deleted. If the entry is found it is erased and
deleted. If it is not found no action is taken and an exit status of 1
Only the superuser and members of the group may read information from
the auth database. Only the superuser may modify the auth database.
An exit value of 0 indicates a successful operation. An exit status of
1 indicates the entry was not found on a lookup or deletion operation.
Any other exit status indicates an error.
FilesSee Alsogetauthuid(3), getpwent(3), auth(5), edauth(8)
Security Guide for Administrators