xref: /illumos-gate/usr/src/man/man5/mech.5 (revision bbf21555)
te
Copyright 2003 Sun Microsystems, Inc.
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
MECH 5 "Sep 6, 2006"
NAME
mech, qop - mechanism and QOP files
SYNOPSIS

/etc/gss/mech
/etc/gss/qop
DESCRIPTION

The /etc/gss/mech and /etc/gss/qop files contain tables showing installed security mechanisms and the Quality of Protection (QOP) associated with them, respectively. As security mechanisms are installed on the system, entries are added to these two files. Contents of these files may be accessed either manually or programmatically. For example, manually with cat(1) or more(1), or programmatically with either rpc_gss_get_mechanisms(3NSL) or rpc_gss_get_mech_info(3NSL).

The order of entries in the /etc/gss/mech file is significant: the order should be from the most preferred to the least preferred mechanisms.

The /etc/gss/mech file contains five fields: mechanism name

ASCII string representing the mechanism.

object identifier

RPC OID for this mechanism.

shared library

Shared library which implements the services provided by this mechanism.

kernel module

Kernel module which implements the services provided by this mechanism.

library options (optional field)

Optional parameters that are interpreted by the individual mechanism with which they are associated. Specific supported options are described in the documentation for the individual mechanism, if any. Not all mechanisms have support for optional parameters. library options must be enclosed in brackets ([ ]) so they may be differentiated from the optional kernel module entries.

The /etc/gss/qop file contains three fields: QOP string

Name, in ASCII, of this Quality of Protection.

QOP value

Numeric value by which RPC identifies this QOP.

mechanism name

ASCII string representing the mechanism with which this QOP is associated.

EXAMPLES

Example 1 A Typical Entry in /etc/gss/mech

This is a typical entry in a /etc/gss/mech file:

kerberosv5 1.2.840.113554.1.2.2 mech_krb5.so kmech_krb5

Example 2 A Typical Entry in /etc/gss/qop

This is a typical entry in a /etc/gss/qop file:

GSS_KRB5_CONF_C_QOP_DES 0 kerberosv5
SEE ALSO

rpc (3NSL), rpc_gss_get_mech_info (3NSL), rpc_gss_get_mechanisms (3NSL), rpcsec_gss (3NSL)

ONC+ Developer's Guide