NAME
calife.auth - format of the calife authorization file
DESCRIPTION
The calife.auth files are files consisting of newline separated records,
one per user, containing three colon (‘‘:’’) separated fields. These
fields are as follows:
name User’s login name / @group.
shell User’s shell
user1,user2,...,usern
List of logins allowed for the user name
The name field is the login used to access the computer account.
The login name must never begin with a hyphen (‘‘-’’); also, it is
strongly suggested that neither upper-case characters or dots (‘‘.’’) be
part of the name, as this tends to confuse mailers. No field may contain
a colon (‘‘:’’) as this has been used historically to separate the fields
in the user database.
One alternative syntax is to use @group to specify that any user in the
given group is allowed to use calife to become root.
The shell field is the command interpreter the user prefers. If there is
nothing in the shell field, the user’s current shell as found in the
(/etc/passwd) file is assumed.
If the shell field is ’*’, then the account is considered as locked and
access is denied.
If the third parameter is specified, it is assumed to be the list of
login the current user has the right to become. It enables use of calife
for non-root only accounts.
calife.auth is placed in /etc.
EXAMPLE
# calife.auth-dist
#
# Format
#
# name[:shell_to_be_run][:user1,user2,usern]
#
fcb
roberto:/bin/tcsh
pb::guest,blaireau
SEE ALSO
calife(1), su(1)
HISTORY
A calife.auth file format appeared in DG/UX and SunOS, written for
Antenne 2 in 1991. It has evolved with the extra shell specification. The
login list was reintroduced in 2.7.
AUTHOR
Ollivier Robert <roberto@keltia.frmug.fr.net>