Lists the entries in the kernel security tables.
The lskst command reads the kernel security tables (KST) and displays the information on standard output (stdout). The output of the lskst command might differ from what is displayed by the lsauth, lsrole and lssecattr commands if the associated file databases are modified after the databases are sent to the KST through the setkst command.
Specify the table to be displayed with the -t flag. By default, all the information in the specified table is displayed. Alternatively, a specific entry in the table can be selected by specifying the Name parameter.
By default, the lskst command lists the attributes of each entry on one line. It displays attribute information as Attribute = Value definitions, each separated by a blank space. To list the table attributes in stanza format, use the -f flag. To list the information as colon-separated records, use the -C flag.
Item | Description |
---|---|
-C | Displays the table attributes in colon-separated
records as follows:
|
-f | Displays the output in stanzas, with each stanza
identified by the entry name. Each Attribute = Value pair
is listed on a separate line:
|
-t table | Retrieves data from the specified security table
from the KST. The parameter for the -t flag can be one of the
following values:
|
Item | Description |
---|---|
Name | Represents a specific entry of a kernel table. It can be an authorization, a role, a privileged command or a privileged device, depending on the table specified by the -t table flag. |
Item | Description |
---|---|
aix.security.kst.list | Required to run the command. |
lskst -t role
lskst -t cmd -f /usr/bin/mycmd
lskst -t auth aix.security
lskst -t domobj