4.4BSD/usr/share/man/cat3/kuserok.0
KUSEROK(3) BSD Programmer's Manual KUSEROK(3)
N�NA�AM�ME�E
kuserok - Kerberos version of ruserok
S�SY�YN�NO�OP�PS�SI�IS�S
#�#i�in�nc�cl�lu�ud�de�e <�<k�ke�er�rb�be�er�ro�os�sI�IV�V/�/k�kr�rb�b.�.h�h>�>
k�ku�us�se�er�ro�ok�k(�(k�kd�da�at�ta�a,�, l�lo�oc�ca�al�lu�us�se�er�r)�)
A�AU�UT�TH�H_�_D�DA�AT�T *�*a�au�ut�th�h_�_d�da�at�ta�a;�;
c�ch�ha�ar�r *�*l�lo�oc�ca�al�lu�us�se�er�r;�;
D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
_�k_�u_�s_�e_�r_�o_�k determines whether a Kerberos principal described
by the structure _�a_�u_�t_�h_�__�d_�a_�t_�a is authorized to login as user
_�l_�o_�c_�a_�l_�u_�s_�e_�r according to the authorization file
("~_�l_�o_�c_�a_�l_�u_�s_�e_�r/.klogin" by default). It returns 0 (zero) if
authorized, 1 (one) if not authorized.
If there is no account for _�l_�o_�c_�a_�l_�u_�s_�e_�r on the local machine,
authorization is not granted. If there is no authoriza-
tion file, and the Kerberos principal described by
_�a_�u_�t_�h_�__�d_�a_�t_�a translates to _�l_�o_�c_�a_�l_�u_�s_�e_�r (using _�k_�r_�b_�__�k_�n_�t_�o_�l_�n(3)),
authorization is granted. If the authorization file can't
be accessed, or the file is not owned by _�l_�o_�c_�a_�l_�u_�s_�e_�r_�, autho-
rization is denied. Otherwise, the file is searched for a
matching principal name, instance, and realm. If a match
is found, authorization is granted, else authorization is
denied.
The file entries are in the format:
name.instance@realm
with one entry per line.
S�SE�EE�E A�AL�LS�SO�O
kerberos(3), ruserok(3), krb_kntoln(3)
F�FI�IL�LE�ES�S
~_�l_�o_�c_�a_�l_�u_�s_�e_�r/.klogin authorization list
MIT Project Athena Kerberos Version 4.0 1