SysUAF
The System User Authorization File stores the user account information, including passwords. The file is named \uos\SysUAF.DAT on the boot device. SysUAF.DAT is a file heap store. This section describes the data structures stored within this file.
type Ptr = int64 ;
TList_Ptr = Ptr ;
TString_Ptr = Ptr ;
TStringList_Ptr = Ptr ;
TTimeStamp = Ptr ;
TUAF_User = packed record
Name : TString_Ptr ;
Flags : longint ;
Authentication : TList_Ptr ;
Access : TList_Ptr ;
Shell : TString_Ptr ;
LGICMD : TString_Ptr ;
Home : TString_Ptr ;
Privileges : int64 ;
Auth_Privileges : int64 ;
Expiration : TTimeStamp ;
Owner : longint ;
Priority : longint ;
Quotas : TUAF_Quotas ;
Last_Interactive_Login : TTimeStamp ;
Last_Non_Interactive_Login : TTimeStamp ;
Last_Login_Failure : TTimeStamp ;
Login_Failures : longint ;
end ;
Item |
Description |
Name |
User's name. |
Flags |
User account flags. Valid flags are: UAF_Audit = If set, security auditing is enabled for the user. UAF_AutoLogin = If set, the user is restricted to the automatic login mechanism. UAF_Captive = If set, the user is prevented from changing any defaults at login, and cannot leave the LGICMD command procedure specified for the user. Further, Ctrl/Y interrupts are initially disabled. UAF_DefShell = If set, the user is restricted to UCL, the default UOS shell. UAF_DisCtlY = If set, Ctrl/Y interrupts are initially turned off. UAF_DisImage = If set, the user is prevented from executing the RUN command and any foreign commands. UAF_Disreconnect = If set, the user is disabled from automatic reconnection when an interactive session is interrupted. UAF_DisReport = If set, the login CUSP will not display the last login time, login failures, and other security reports. UAF_Disabled = If set, the account is disabled and logins are not allowed. UAF_DisWelcome = If set, the system welcome message is not displayed by the login CUSP. UAF_DisAuth = If set, the user is not required to provide authentication. UAF_Restricted = If set, the user is prevented from changing any defaults at login. Ctrl/Y is also initially disabled. Typically this is used to restrict a user to a specific application. UAF_Accounting = If set, user accounting information is written to accounting.dat file. |
Authentication |
Authentication schemes - list of pointers to TUAF_Authentication records |
Access |
Access list (see TUAF_Access record) |
Shell |
Default shell |
LGICMD |
Login command file name |
Home |
Default home folder |
Privileges |
Starting (default) privileges |
Auth_Privileges |
Authorized (allowed) privileges |
Expiration |
Account expiration |
Owner |
User to charge accounting to (0=this user) |
Priority |
Default priority |
Quotas |
A quota structure (see below) |
Last_Interactive_Login |
Timestamp of last interactive login. |
Last_Non_Interactive_Login |
Timestamp of last non-interactive login |
Last_Login_Failure |
Timestamp of last failed login attempt. |
Login_Failures |
Number of login failures since last successful login |