getconfattrs Subroutine

Purpose

Accesses system information in the system information database.

Library

Security Library (libc.a)

Syntax

#include <usersec.h>
#include <userconf.h>

int getconfattrs (SysAttributesCount)
char * Sys;
dbattr_t * Attributes;
int Count

Description

The getconfattrs subroutine accesses system configuration information.

The getconfattrs subroutine reads one or more attributes from the system configuration database. If the database is not already open, this subroutine does an implicit open for reading.

The Attributes array contains information about each attribute that is to be written. The dbattr_t data structure contains the following fields:
attr_name
The name of the desired attribute.
attr_idx
Used internally by the getconfattrs subroutine.
attr_type
The type of the desired attribute. The list of attribute types is defined in the usersec.h header file.
attr_flag
The results of the request to read the desired attribute.
attr_un
A union containing the values to be written. Its union members that follow correspond to the definitions of the attr_char, attr_int, attr_long, and attr_llong macros, respectively:
au_char
Attributes of type SEC_CHAR and SEC_LIST store a pointer to the value to be written.
au_int
Attributes of type SEC_INT and SEC_BOOL contain the value of the attribute to be written.
au_long
Attributes of type SEC_LONG contain the value of the attribute to be written.
au_llong
Attributes of type SEC_LLONG contain the value of the attribute to be written.
attr_domain
The authentication domain containing the attribute. The getconfattrs subroutine is responsible for managing the memory referenced by this pointer.

Use the setuserdb and enduserdb subroutines to open and close the system configuration database. Failure to explicitly open and close the system database can result in loss of memory and performance.

Parameters

Item Description
Sys Specifies the name of the subsystem for which the attributes are to be read.
Attributes A pointer to an array of one or more elements of type dbattr_t. The list of system attributes is defined in the usersec.h header file.
Count The number of array elements in Attributes.

Security

Files accessed:

Item Description
Mode File
r /etc/security/.ids
r /etc/security/audit/config
r /etc/security/audit/events
r /etc/security/audit/objects
r /etc/security/login.cfg
r /etc/security/portlog
r /etc/security/roles
r /usr/lib/security/methods.cfg
r /usr/lib/security/mkuser.default

Return Values

If the value of the Sys or Attributes parameter is NULL, or the value of the Count parameter is less than 1, the getconfattrs subroutine returns a value of -1, and sets the errno global variable to indicate the error. Otherwise, the subroutine returns a value of zero. The getconfattrs subroutine does not check the validity of the Sys parameter. Each element in the Attributes array must be examined on a successful call to the getconfattrs subroutine to determine whether the Attributes array entry is successfully retrieved.

Error Codes

The getconfattrs subroutine returns an error that indicates that the system attribute does or does not exist. Additional errors can indicate an error querying the information databases for the requested attributes.

Item Description
EINVAL The Attributes parameter is NULL.
EINVAL The Count parameter is less than 1.
ENOENT The specified Sys does not exist.
EIO Failed to access remote system information database.

If the getconfattrs subroutine fails to query an attribute, one or more of the following errors is returned in the attr_flag field of the corresponding Attributes element:

Item Description
EACCES The user does not have access to the attribute specified in the attr_name field.
EINVAL The attr_type field in the Attributes entry contains an invalid type.
EINVAL The attr_un field in the Attributes entry does not point to a valid buffer or to valid data for this type of attribute. Limited testing is possible and all errors might not be detected.
ENOMEM Memory could not be allocated to store the return value.
ENOATTR The attr_name field in the Attributes entry specifies an attribute that is not defined for this system table.

Files

Item Description
/etc/security/.ids The next available user and group ID values.
/etc/security/audit/config Bin and stream mode audit configuration parameters.
/etc/security/audit/events Format strings for audit event records.
/etc/security/audit/objects File system objects that are explicitly audited.
/etc/security/login.cfg Miscellaneous login relation parameters.
/etc/security/portlog Port login failure and locking history.
/etc/security/roles Definitions of administrative roles.
/usr/lib/security/methods.cfg Definitions of loadable authentication modules.
/usr/lib/security/mkuser.default Default user attributes for administrative and non administrative users.