|
1 '\" te |
|
2 .\" Portions Copyright (c) 2008, 2012, Oracle and/or its affiliates. All rights reserved. |
|
3 .\" This manual page is derived from documentation obtained from the OpenSC organization (www.opensc-project.org). This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
|
4 .TH pklogin_finder 1 "18 Jan 2012" "SunOS 5.12" "User Commands" |
|
5 .SH NAME |
|
6 pklogin_finder \- map certificates into a user |
|
7 .SH SYNOPSIS |
|
8 .LP |
|
9 .nf |
|
10 \fB/usr/lib/pam_pkcs11/pklogin_finder\fR [debug] [config_file=\fIfilename\fR] |
|
11 .fi |
|
12 |
|
13 .SH DESCRIPTION |
|
14 .sp |
|
15 .LP |
|
16 \fBpklogin_finder\fR uses the \fBpam_pkcs11\fR library infrastructure to interactively map a PKCS#11 provided certificate to a user. |
|
17 .sp |
|
18 .LP |
|
19 \fBpklogin_finder\fR uses the same configuration file and arguments than \fBpam_pkcs11\fR(5) PAM module. It loads defined mapper modules and tries to find a map between found certificates and a user login. |
|
20 .SH OPTIONS |
|
21 .sp |
|
22 .LP |
|
23 The following options are supported: |
|
24 .sp |
|
25 .ne 2 |
|
26 .mk |
|
27 .na |
|
28 \fB\fBconfig_file=\fR\fIfileame\fR\fR |
|
29 .ad |
|
30 .RS 23n |
|
31 .rt |
|
32 Set the configuration file. |
|
33 .sp |
|
34 The default value is \fB/etc/security/pam_pkcs11/pam_pkcs11.conf\fR. |
|
35 .RE |
|
36 |
|
37 .sp |
|
38 .ne 2 |
|
39 .mk |
|
40 .na |
|
41 \fB\fBdebug\fR\fR |
|
42 .ad |
|
43 .RS 23n |
|
44 .rt |
|
45 Enable debugging output. |
|
46 .sp |
|
47 The default is no debug. |
|
48 .RE |
|
49 |
|
50 .sp |
|
51 .LP |
|
52 As it uses the same configuration file as \fBpam_pkcs11\fR(5), all of the \fBpam_pkcs11\fR options are available. Some of these options make no sense in a non-PAM environment, and are therefore ignored. Some mapper options (\fBmapfile\fR, \fBignorecase\fR) have no effect on certificate contents, and they are ignored as well. |
|
53 .SH EXIT STATUS |
|
54 .sp |
|
55 .LP |
|
56 The following exit values are returned: |
|
57 .sp |
|
58 .ne 2 |
|
59 .mk |
|
60 .na |
|
61 \fB\fB0\fR\fR |
|
62 .ad |
|
63 .RS 5n |
|
64 .rt |
|
65 Successful completion. |
|
66 .sp |
|
67 \fBpkcs11_inspect\fR prints on \fBstdout\fR the login name and exits. |
|
68 .RE |
|
69 |
|
70 .sp |
|
71 .ne 2 |
|
72 .mk |
|
73 .na |
|
74 \fB\fB1\fR\fR |
|
75 .ad |
|
76 .RS 5n |
|
77 .rt |
|
78 An error occurred. |
|
79 .sp |
|
80 A user mapping error was found. |
|
81 .RE |
|
82 |
|
83 .sp |
|
84 .ne 2 |
|
85 .mk |
|
86 .na |
|
87 \fB\fB2\fR\fR |
|
88 .ad |
|
89 .RS 5n |
|
90 .rt |
|
91 An error occurred. |
|
92 .sp |
|
93 No user match was found. |
|
94 .RE |
|
95 |
|
96 .SH EXAMPLES |
|
97 .LP |
|
98 \fBExample 1 \fRUsing \fBpklogin_finder\fR |
|
99 .sp |
|
100 .LP |
|
101 The following example runs the \fBpklogin_finder\fR command without any options: |
|
102 |
|
103 .sp |
|
104 .in +2 |
|
105 .nf |
|
106 % pkcs11_inspect |
|
107 .fi |
|
108 .in -2 |
|
109 .sp |
|
110 |
|
111 .LP |
|
112 \fBExample 2 \fRUsing \fBpklogin_finder\fR with Options |
|
113 .sp |
|
114 .LP |
|
115 The following example runs the \fBpkcs_finder\fR command with options: |
|
116 |
|
117 .sp |
|
118 .in +2 |
|
119 .nf |
|
120 % pklogin_finder debug config_file=${HOME}/.pam_pkcs11.conf |
|
121 .fi |
|
122 .in -2 |
|
123 .sp |
|
124 |
|
125 .SH FILES |
|
126 .sp |
|
127 .ne 2 |
|
128 .mk |
|
129 .na |
|
130 \fB\fB/etc/security/pam_pkcs11/pam_pkcs11.conf\fR\fR |
|
131 .ad |
|
132 .sp .6 |
|
133 .RS 4n |
|
134 |
|
135 .RE |
|
136 |
|
137 .SH AUTHORS |
|
138 .sp |
|
139 .LP |
|
140 Juan Antonio Martinez, \[email protected]\fR |
|
141 .SH ATTRIBUTES |
|
142 .sp |
|
143 .LP |
|
144 See \fBattributes\fR(5) for descriptions of the following attributes: |
|
145 .sp |
|
146 |
|
147 .sp |
|
148 .TS |
|
149 tab() box; |
|
150 cw(2.75i) |cw(2.75i) |
|
151 lw(2.75i) |lw(2.75i) |
|
152 . |
|
153 ATTRIBUTE TYPEATTRIBUTE VALUE |
|
154 _ |
|
155 Availabilitylibrary/security/pam/module/pam-pkcs11 |
|
156 _ |
|
157 Interface StabilityUncommitted |
|
158 .TE |
|
159 |
|
160 .SH SEE ALSO |
|
161 .sp |
|
162 .LP |
|
163 \fBpkcs11_inspect\fR(1), \fBattributes\fR(5), \fBpam_pkcs11\fR(5) |
|
164 .sp |
|
165 .LP |
|
166 \fIPAM-PKCS11 User Manual\fR, http://www.opensc-project.org/pam_pkcs11 |