SysUAF

Parent Previous Next

SysUAF

The System User Authorization File stores the user account information, including passwords.  The file is named \uos\SysUAF.DAT on the boot device.  SysUAF.DAT is a file heap store.  This section describes the data structures stored within this file.


type Ptr = int64 ;

    TList_Ptr = Ptr ;

    TString_Ptr = Ptr ;

    TStringList_Ptr = Ptr ;

    TTimeStamp = Ptr ;


    TUAF_User = packed record

                    Name : TString_Ptr ;

                    Flags : longint ;

                    Authentication : TList_Ptr ;

                    Access : TList_Ptr ;

                    Shell : TString_Ptr ;

                    LGICMD : TString_Ptr ;

                    Home : TString_Ptr ;

                    Privileges : int64 ;

                    Auth_Privileges : int64 ;

                    Expiration : TTimeStamp ;

                    Owner : longint ;

                    Priority : longint ;

                    Quotas : TUAF_Quotas ;

                    Last_Interactive_Login : TTimeStamp ;

                    Last_Non_Interactive_Login : TTimeStamp ;

                    Last_Login_Failure : TTimeStamp ;

                    Login_Failures : longint ;

                end ;


Item

Description

Name

User's name.

Flags

User account flags.  Valid flags are:

UAF_Audit = If set, security auditing is enabled for the user.

UAF_AutoLogin = If set, the user is restricted to the automatic login mechanism.

UAF_Captive = If set, the user is prevented from changing any defaults at login, and cannot leave the LGICMD command procedure specified for the user. Further, Ctrl/Y interrupts are initially disabled.

UAF_DefShell = If set, the user is restricted to UCL, the default UOS shell.

UAF_DisCtlY = If set, Ctrl/Y interrupts are initially turned off.

UAF_DisImage = If set, the user is prevented from executing the RUN command and any foreign commands.

UAF_Disreconnect = If set, the user is disabled from automatic reconnection when an interactive session is interrupted.

UAF_DisReport = If set, the login CUSP will not display the last login time, login failures, and other security reports.

UAF_Disabled = If set, the account is disabled and logins are not allowed.

UAF_DisWelcome = If set, the system welcome message is not displayed by the login CUSP.

UAF_DisAuth = If set, the user is not required to provide authentication.

UAF_Restricted = If set, the user is prevented from changing any defaults at login. Ctrl/Y is also initially disabled. Typically this is used to restrict a user to a specific application.

UAF_Accounting = If set, user accounting information is written to accounting.dat file.

Authentication

Authentication schemes - list of pointers to TUAF_Authentication records

Access

Access list (see TUAF_Access record)

Shell

Default shell

LGICMD

Login command file name

Home

Default home folder

Privileges

Starting (default) privileges

Auth_Privileges

Authorized (allowed) privileges

Expiration

Account expiration

Owner

User to charge accounting to (0=this user)

Priority

Default priority

Quotas

A quota structure (see below)

Last_Interactive_Login

Timestamp of last interactive login.

Last_Non_Interactive_Login

Timestamp of last non-interactive login

Last_Login_Failure

Timestamp of last failed login attempt.

Login_Failures

Number of login failures since last successful login