|
|
size:cksum:time:privlist:pathname
Each field in the entry is separated by a colon (:) character. The size field contains the file size in bytes, as returned by stat(2). The cksum field contains a checksum (see sum(1)) value for the file. The time field contains the time the file status was last changed, expressed in seconds since the epoch (January 1, 1970), as returned in the st_ctime field by stat(2). These three fields are used to check that the file has not been changed in any manner since the time the file was given privilege. If this happens, the privileges no longer apply, and must be reset using the filepriv(1) command.
The pathname field contains the absolute pathname to the file given the privileges in the entry.
The privlist field contains a list of the privileges on the file. The list is grouped according to privilege set (i.e., fixed or inheritable). The fixed privilege set for the file is listed first. Each set is listed with a prepended % character, followed by a six letter set identification string, fixed for the fixed set, and inher for the inheritable set, and then a comma separated list of privilege names. The intro(2) page contains a list of all privilege names.
The privilege data file is /etc/security/tcb/privs.
5000:341:709323090:%fixed,core%inher,owner,auditwr:/usr/bin/example