initprivs(1M)


initprivs -- set the system privilege information

Synopsis

initprivs

Description

The initprivs command initializes the system with privilege information. It reads this information from /etc/security/tcb/privs. Invalid entries in this file are ignored. If the validity information for the entry does not match the validity information stored on disk, the file specified by the entry is not privileged. In either case, a warning is issued if the command is run at the shell level. Otherwise, initprivs operates silently.

initprivs must have the P_SETSPRIV or P_SETUPRIV privilege. Otherwise permission is denied. In addition, the maximum privilege set of initprivs must be a super-set of the privileges to be set. If not, only those privileges in the maximum set of initprivs that can be set for the file are in effect.

Defaults

The file /etc/default/privcmds contains the following parameter:

VAL_CKSUM
If the value of this parameter is ``No'', then the initprivs command will not validate the check sum value stored in the Privilege Data File (PDF) located in /etc/security/tcb/privs; this results in faster performance compared to validating the check sum value each time the command is run. If the value of this parameter is anything other than ``No'' (including null, the default), then the initprivs command validates the check sum for each file each time it is run.

Files


/etc/security/tcb/privs
Privilege Data File (PDF).

/etc/default/privcmds
Default file.

Diagnostics

initprivs exits with a return code of 0 upon successful completion.

If initprivs detects errors, the following messages may be displayed:

References

filepriv(1M), intro(2), priv(4)
© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 25 April 2004