initprivs(1M)
initprivs --
set the system privilege information
Synopsis
initprivs
Description
The initprivs command initializes the system with privilege
information.
It reads this information from /etc/security/tcb/privs.
Invalid entries in this file are ignored.
If the validity information for the entry does not match
the validity information stored on disk,
the file specified by the entry is not privileged.
In either case, a warning is issued
if the command is run at the shell level.
Otherwise, initprivs operates silently.
initprivs must have the P_SETSPRIV
or P_SETUPRIV privilege.
Otherwise permission is denied.
In addition, the maximum privilege set of initprivs
must be a super-set of the privileges to be set.
If not, only those privileges in the maximum set of
initprivs that can be set for the file
are in effect.
Defaults
The file /etc/default/privcmds
contains the following parameter:
VAL_CKSUM-
If the value of this parameter is ``No'', then the initprivs
command will not validate the check sum value stored
in the Privilege Data File (PDF) located in
/etc/security/tcb/privs;
this results in faster
performance compared to validating the check sum value each time the
command is run.
If the value of this parameter is anything other than ``No''
(including null, the default), then the initprivs command
validates the check sum for each file each time it is run.
Files
/etc/security/tcb/privs-
Privilege Data File (PDF).
/etc/default/privcmds-
Default file.
Diagnostics
initprivs exits with a return code of 0 upon successful completion.
If initprivs detects errors,
the following messages may be displayed:
-
Cannot clear file privileges on ``
file''
-
File ``
file'' fails validation; entry ignored.
-
1 entry ignored in ``/etc/security/tcb/privs''
-
# entries ignored in ``/etc/security/tcb/privs''
References
filepriv(1M),
intro(2),
priv(4)
© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 25 April 2004