getportattr or putportattr Subroutine

Purpose

Accesses the port information in the port database.

Library

Security Library (libc.a)

Syntax

#include <usersec.h>

int getportattr (Port, Attribute, Value, Type)
char * Port;
char * Attribute;
void * Value;
int  Type;

int putportattr (Port, Attribute, Value, Type)
char *Port;
char *Attribute;
void *Value;
int Type;

Description

The getportattr or putportattr subroutine accesses port information. The getportattr subroutine reads a specified attribute from the port database. If the database is not already open, the getportattr subroutine implicitly opens the database for reading. The putportattr subroutine writes a specified attribute into the port database. If the database is not already open, the putportattr subroutine implicitly opens the database for reading and writing. The data changed by the putportattr subroutine must be explicitly committed by calling the putportattr subroutine with a Type parameter equal to the SEC_COMMIT value. Until all the data is committed, only these subroutines within the process return the written data.

Values returned by these subroutines are in dynamically allocated buffers. You do not need to move the values prior to the next call.

Use the setuserdb or enduserdb subroutine to open and close the port database.

Parameters

Item Description
Port Specifies the name of the port for which an attribute is read.
Attribute Specifies the name of the attribute read. This attribute can be one of the following values defined in the usersec.h file:
S_HERALD
Defines the initial message printed when the getty or login command prompts for a login name. This value is of the type SEC_CHAR.
S_SAKENABLED
Indicates whether or not trusted path processing is allowed on this port. This value is of the type SEC_BOOL.
S_SYNONYM
Defines the set of ports that are synonym attributes for the given port. This value is of the type SEC_LIST.
S_LOGTIMES
Defines when the user can access the port. This value is of the type SEC_LIST.
S_LOGDISABLE
Defines the number of unsuccessful login attempts that result in the system locking the port. This value is of the type SEC_INT.
S_LOGINTERVAL
Defines the time interval in seconds within which S_LOGDISABLE number of unsuccessful login attempts must occur before the system locks the port. This value is of the type SEC_INT.
S_LOGREENABLE
Defines the time interval in minutes after which a system-locked port is unlocked. This value is of the type SEC_INT.
S_LOGDELAY
Defines the delay factor in seconds between unsuccessful login attempts. This value is of the type SEC_INT.
S_LOCKTIME
Defines the time in seconds since the epoch (zero time, January 1, 1970) that the port was locked. This value is of the type SEC_INT.
S_ULOGTIMES
Lists the times in seconds since the epoch (midnight, January 1, 1970) when unsuccessful login attempts occurred. This value is of the type SEC_LIST.
S_USERNAMEECHO
Indicates whether user name input echo and user name masking is enabled for the port. This value is of the type SEC_BOOL.
S_PWDPROMPT
Defines the password prompt message printed when requesting password input. This value is of the type SEC_CHAR.
Value Specifies the address of a buffer in which the attribute is stored with putportattr or is to be read getportattr.
Type Specifies the type of attribute expected. The following types are valid and defined in the usersec.h file:
SEC_INT
Indicates the format of the attribute is an integer. The buffer returned by the getportattr subroutine and the buffer supplied by the putportattr subroutine are defined to contain an integer.
SEC_CHAR
Indicates the format of the attribute is a null-terminated character string.
SEC_LIST
Indicates the format of the attribute is a list of null-terminated character strings. The list itself is null terminated.
SEC_BOOL
An integer with a value of either 0 or 1, or a pointer to a character pointing to one of the following strings:
  • True
  • Yes
  • Always
  • False
  • No
  • Never
SEC_COMMIT
Indicates that changes to the specified port are committed to permanent storage if specified alone for the putportattr subroutine. The Attribute and Value parameters are ignored. If no port is specified, changes to all modified ports are committed.
SEC_DELETE
Deletes the corresponding attribute from the database.
SEC_NEW
Updates all of the port database files with the new port name when using the putportattr subroutine.

Security

Access Control: The calling process must have access to the port information in the port database.

File Accessed:

Item Description
rw /etc/security/login.cfg
rw /etc/security/portlog

Return Values

The getportattr and putportattr subroutines return a value of 0 if completed successfully. Otherwise, a value of -1 is returned and the errno global value is set to indicate the error.

Error Codes

These subroutines are unsuccessful if the following values are true:

Item Description
EACCES Indicates that access permission is denied for the data requested.
ENOENT Indicates that the Port parameter does not exist or the attribute is not defined for the specified port.
ENOATTR Indicates that the specified port attribute does not exist for the specified port.
EINVAL Indicates that the Attribute parameter does not contain one of the defined attributes or is a null value.
EINVAL Indicates that the Value parameter does not point to a valid buffer or to valid data for this type of attribute.
Item Description
EPERM Operation is not permitted.