1 .\" $Id: kuserok.3,v 1.3 1996/10/13 17:51:18 bg Exp $
2 .\" Copyright 1989 by the Massachusetts Institute of Technology.
4 .\" For copying and distribution information,
5 .\" please see the file <mit-copyright.h>.
7 .TH KUSEROK 3 "Kerberos Version 4.0" "MIT Project Athena"
9 kuserok \- Kerberos version of ruserok
17 kuserok(kdata, localuser)
24 determines whether a Kerberos principal described by the structure
26 is authorized to login as user
28 according to the authorization file
29 ("~\fIlocaluser\fR/.klogin" by default). It returns 0 (zero) if authorized,
30 1 (one) if not authorized.
32 If there is no account for
34 on the local machine, authorization is not granted.
35 If there is no authorization file, and the Kerberos principal described
42 authorization is granted.
43 If the authorization file
44 can't be accessed, or the file is not owned by
46 authorization is denied. Otherwise, the file is searched for
47 a matching principal name, instance, and realm. If a match is found,
48 authorization is granted, else authorization is denied.
50 The file entries are in the format:
56 with one entry per line.
58 For convenience ~localuser@LOCALREALM is
59 always considered to be an entry in the file even when there is no
60 file or the file is unreadable.
62 kerberos(3), ruserok(3), krb_kntoln(3)
65 ~\fIlocaluser\fR/.klogin