SGI Techpubs Library

IRIX 6.5  »  Man Pages
find in page

CHECKPRIV(1M)

 NAME

     checkpriv - check to see if the current user is privileged

 SYNOPSIS

     /usr/sysadm/bin/checkpriv [ -auth auth-scheme ] [-reason ] privilege [
     privilege ] ...
     /usr/sysadm/bin/checkpriv [ -auth auth-scheme ] [-reason ] -authOnly

 DESCRIPTION

     checkpriv checks to see if you have been granted privilege.  If checkpriv
     indicates that you do have privilege, then runpriv(1M) would run the
     command privilege found in the directory /usr/sysadm/privbin on your
     behalf.

     checkpriv indicates that you have privilege if any one of the following
     conditions are met:

     1.   You are running as root.

     2.   There is no root password on the system.

     3.   The file /var/sysadm/defaultPrivileges/privilege exists and has the
          string "on" as its first line (see defaultPrivileges(4)).

     4.   There is an entry in the privilegedUsers(4) database granting you
          all privileges.

     5.   There is an entry in the privilege(4) database granting the
          requested privilege, and you are not an NIS user.  Multiple
          privileges can be specified with one checkpriv command.  There must
          be an entry for each privilege specified.

     6.   The -auth auth-scheme arguments are provided, and you pass the
          authentication test.  If auth-scheme is unix, then must you type the
          root password when prompted in order to pass.

     Checks 3, 4, and 5 will automatically fail if the privileges
     configuration file in /etc/config is not on (see chkconfig(1M)).

     If the -reason argument is supplied, then if checkpriv succeeds it will
     print a number corresponding to the reason that it succeeded.  The number
     printed corresponds to the numbering scheme in the preceding paragraph.

     The -authOnly argument is used to check authentication parameters without
     consulting the privilege database.  This is used to verify that
     authentication parameters are correct for operations which are not
     privileges, such as addpriv(1M).

 DIAGNOSTICS

     If you have privilege, checkpriv exits with a status of 0.  Otherwise,
     checkpriv exits with a non-zero exit status.

 FILES

     /var/sysadm/privilege               Privilege database
     /var/sysadm/privilegedUsers         Privileged users database
     /var/sysadm/defaultPrivileges/*     Default privileges
     /etc/config/privileges              Privilege configuration flag

 SEE ALSO

     sysmgr(1M), runpriv(1M), addpriv(1M), rmpriv(1M), adddefpriv(1M),
     rmdefpriv(1M), addprivuser(1M), rmprivuser(1M), chkconfig(1M),
     privilege(4), defaultPrivileges(4), privilegedUsers(4).


home/search | what's new | help