paginit Command

Purpose

Authenticate a user and create a PAG association.

Syntax

paginit [ -R module_name ] [ username ]

Description

The paginit command authenticates username (by default, the user issuing the command) and creates an association between the username and a kernel token called a Process Authentication Group entry (PAG). A new login shell is spawned by this command.

If the -R flag is not given, paglist queries the user's registry attribute and use that value for module_name.

To associate the username with an alternate Identification and Authentication (I&A) mechanism, the -R flag can be used to specify the I&A load module used to create the user. Load modules are defined in the /usr/lib/security/methods.cfg file.

Flags

Item Description
-R module_name Specifies the loadable I&A module used to authenticate the user.

Parameters

Item Description
username Specifies the user. This parameter defaults to the user issuing the command. Only the root user may override the default.

Security

Access Control: This command should be executable by all. It should be owned by root and should be setuid.

Auditing

USER_Paginit

Example

paginit -R FPKI 
The user is authenticated using the registry FPKI, which is defined in the /usr/lib/security/methods.cfg file. A PAG is associated with the current process credentials.