evm.auth.4 (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

evm.auth(4) evm.auth(4)

NAME

evm.auth - EVM authorization ﬁle

SYNOPSIS

event_rights {

class event_class

post rights_list

access rights_list

}

service_rights {

service service_name

execute rights_list

}

DESCRIPTION

Authorization is control of the right to post, subscribe to, or retrieve an EVM event, or to execute services

deﬁned in the EVM daemon conﬁguration ﬁle.

The

evm.auth ﬁle is a text ﬁle that controls event authorization. Any portion of a line from an

unquoted number sign (#) to the end of line is a comment. Blank lines are ignored. The following

authorization controls are recognized:

event_rights The rights speciﬁed apply to event posting and subscription.

class event_class Class of events to which these rights apply. An event_class is a string of one or

more components that match the same set of components in an Event Name.It

is used to identify a family of events for purposes such as authorization. The

more speciﬁc classes (those with more components) override the rights indicated

by the less speciﬁc (more generic) classes.

post rights_list Users speciﬁed by the rights_list are allowed or denied the right to post events of

this event_class .

access rights_list Users speciﬁed by the rights_list are allowed or denied the right to subscribe to or

retrieve from the log, events of this event_class .

rights_list A list of users or groups who have or are denied the speciﬁed right for this event

or service class. Entries are separated by commas.

A rights_list has the format:

[+|-][user|group=groupname]

In the previous rights_list , user is the login name of any user, and groupname is

any group. The keyword

group may be abbreviated to grp. A leading plus

character (+) signiﬁes that event or service rights are granted. A leading minus

character (-) signiﬁes that rights are explicitly denied. User root has implicit

posting and access rights to all events, and execute rights to all services, unless

they are explicitly denied.

The ﬁrst explicit entry for a user in a rights list takes precedence over any other

explicit or group entries for that user. If the user is not explicitly listed, but is a

member of a group which denies access, access is denied even if the user is also a

member of a group for which access is granted.

A plus or minus sign with no associated name grants or denies rights to all users.

The rights_list must be enclosed in double quotes if it contains spaces.

service_rights The rights speciﬁed apply to services performed by the daemon for a requesting

client.

service service_name

The service to which these rights apply. The service_name is the name of a ser-

vice deﬁned in the evmdaemon.conf ﬁle. User-deﬁned services are not

currently supported.

execute rights_list Users speciﬁed by the rights_list are allowed or denied the right to request opera-

tion of this service.

HP-UX 11i Version 3: September 2010 − 1 − Hewlett-Packard Company 1

Summary of content (2 pages)

PAGE 1
evm.auth(4) evm.auth(4) NAME evm.auth - EVM authorization file SYNOPSIS event_rights { class event_class post rights_list access rights_list } service_rights { service service_name execute rights_list } DESCRIPTION Authorization is control of the right to post, subscribe to, or retrieve an EVM event, or to execute services defined in the EVM daemon configuration file. The evm.auth file is a text file that controls event authorization.
PAGE 2
evm.auth(4) evm.auth(4) The keywords described may be entered in a case-insensitive manner. The allowable strings and the minimum number of characters is shown in the following table. A minimum of zero (0) indicates that all characters are required. Keyword access class event_rights execute post service service_rights A Minimum 0 0 7 4 0 4 9 Notes 1. If you add an event_rights entry to the authorization file, you must make sure there is a corresponding base event template in the template file library.