4.3BSD-Reno/share/man/cat3/kuserok.0
KUSEROK(3) 4.0 KUSEROK(3)
N�NA�AM�ME�E
kuserok - Kerberos version of ruserok
S�SY�YN�NO�OP�PS�SI�IS�S
#�#i�in�nc�cl�lu�ud�de�e <�<k�ke�er�rb�be�er�ro�os�sI�IV�V/�/k�kr�rb�b.�.h�h>�>
k�ku�us�se�er�ro�ok�k(�(k�kd�da�at�ta�a,�, l�lo�oc�ca�al�lu�us�se�er�r)�)
A�AU�UT�TH�H_�_D�DA�AT�T *�*a�au�ut�th�h_�_d�da�at�ta�a;�;
c�ch�ha�ar�r *�*l�lo�oc�ca�al�lu�us�se�er�r;�;
D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
_�k_�u_�s_�e_�r_�o_�k determines whether a Kerberos principal described by
the structure _�a_�u_�t_�h__�d_�a_�t_�a is authorized to login as user
_�l_�o_�c_�a_�l_�u_�s_�e_�r according to the authorization file
("~_�l_�o_�c_�a_�l_�u_�s_�e_�r/.klogin" by default). It returns 0 (zero) if
authorized, 1 (one) if not authorized.
If there is no account for _�l_�o_�c_�a_�l_�u_�s_�e_�r on the local machine,
authorization is not granted. If there is no authorization
file, and the Kerberos principal described by _�a_�u_�t_�h__�d_�a_�t_�a
translates to _�l_�o_�c_�a_�l_�u_�s_�e_�r (using _�k_�r_�b__�k_�n_�t_�o_�l_�n(3)), authorization
is granted. If the authorization file can't be accessed, or
the file is not owned by _�l_�o_�c_�a_�l_�u_�s_�e_�r, authorization is denied.
Otherwise, the file is searched for a matching principal
name, instance, and realm. If a match is found, authoriza-
tion is granted, else authorization is denied.
The file entries are in the format:
name.instance@realm
with one entry per line.
S�SE�EE�E A�AL�LS�SO�O
kerberos(3), ruserok(3), krb_kntoln(3)
F�FI�IL�LE�ES�S
~_�l_�o_�c_�a_�l_�u_�s_�e_�r/.klogin authorization list
Printed 7/27/90 Kerberos 1