177 lines
4.5 KiB
Plaintext
177 lines
4.5 KiB
Plaintext
# $Revision: 1.1 $
|
|
|
|
SATMPD OPTIONS
|
|
|
|
satmpd [-c configdir] [-d STARTUP,FILE_OPEN,DIR_OPEN,OPEN_FAIL,OPENDIR_FAIL,PROTOCOL,ALL] [-p port] -v
|
|
|
|
-c <configdir>
|
|
Set the location of satmpd configuration files to <configdir>
|
|
-d <debug-options>
|
|
Turn on the requested debugging option
|
|
-l <logfile>
|
|
Direct logging output to <logfile>
|
|
-p <port>
|
|
Force satmpd to listen on alternate port <port>.
|
|
|
|
SATMP CONFIG FILE FORMATS
|
|
|
|
ATTRIDS
|
|
Human-readable names of the SATMP attributes plus their numerical
|
|
values. ATTRIDS has the following format:
|
|
|
|
<ATTRIBUTE>:<NUMBER>, one per line.
|
|
|
|
Example:
|
|
SEN_LABEL:0
|
|
NATIONAL_CAVEATS:1
|
|
INTEGRITY_LABEL:2
|
|
INFO_LABEL:3
|
|
PRIVILEGES:4
|
|
AUDIT_ID:5
|
|
IDS:6
|
|
CLEARANCE:7
|
|
AUDIT_INFO:8
|
|
UNASSIGNED_9:9
|
|
ACL:10
|
|
UNASSIGNED_11:11
|
|
|
|
It is an unrecoverable error if "ATTRIDS" is missing.
|
|
|
|
The following attributes aren't supported:
|
|
NATIONAL_CAVEATS
|
|
INFO_LABEL
|
|
AUDIT_INFO
|
|
ACL
|
|
UNASSIGNED_9
|
|
UNASSIGNED_11
|
|
|
|
REQATTR
|
|
Human-readable names of the attributes all clients must support. These
|
|
names must match those in ATTRIDS.
|
|
|
|
Example:
|
|
SEN_LABEL
|
|
PRIVILEGES
|
|
ACL
|
|
|
|
It is an unrecoverable error if "REQATTR" is missing.
|
|
|
|
WEIGHTS
|
|
File containing information regarding weights assigned to
|
|
domains-of-interpretation. Weights should be listed in
|
|
descending order within the file.
|
|
|
|
<ATTRIBUTE>:<DOMAIN>:<WEIGHT>, one per line
|
|
|
|
Example:
|
|
ACL:SGI:255
|
|
ACL:DECMLS:250
|
|
ACL:SUN:245
|
|
|
|
It is an unrecoverable error if "WEIGHTS" is missing.
|
|
|
|
|
|
localmap
|
|
remotemap
|
|
Files containing attribute mapping information. "localmap" is the
|
|
remote-to-local map, "remotemap" is the local-to-remote map.
|
|
Both files have the following format:
|
|
|
|
<ATTRIBUTE>:<DOMAIN>:<SOURCE>:<DEST>, one per line
|
|
|
|
The meaning of <src> and <dest> is attribute specific. If the map
|
|
in any domain has a <SOURCE> field with the value "NATIVE_MAPPING",
|
|
the map is ignored and SGI native mapping is assumed. It is an
|
|
unrecoverable error if "localmap" or "remotemap" is missing.
|
|
|
|
PRIVILEGES
|
|
remote
|
|
<src> is an SGI format capability set. Only the effective
|
|
capabilities are examined, so only specify those :-) Multiple
|
|
capabilities may be specified; a many-to-one mapping is
|
|
possible.
|
|
|
|
<dest> is the remote representation of <src>
|
|
|
|
CAP_MAC_READ+e:mac-read
|
|
CAP_MAC_WRITE+e:mac-write
|
|
all+eip:all-privs
|
|
CAP_CHOWN,CAP_KILL+e:wacky-priv
|
|
|
|
local
|
|
<src> is the remote representation, as one "word". The
|
|
remote representation of the privilege set is broken up
|
|
into words, which are then matched against <src>.
|
|
|
|
<dest> is an SGI format capability set. Again, only the
|
|
effective set matters, and a one-to-many mapping is possible.
|
|
|
|
mac-read:CAP_MAC_READ+e
|
|
mac-write:CAP_MAC_WRITE+e
|
|
all-privs:all+eip
|
|
wacky-priv:CAP_CHOWN,CAP_KILL+e
|
|
|
|
AUDIT_ID
|
|
remote
|
|
<local-username>:<remote-username>
|
|
|
|
glowell:gary
|
|
casey:schaufler
|
|
|
|
local
|
|
<remote-username>:<local-username>
|
|
|
|
gary:glowell
|
|
schaufler:casey
|
|
|
|
IDS
|
|
remote
|
|
user,<local-username>:<remote-username>
|
|
group,<local-groupname>:<remote-groupname>
|
|
|
|
user,glowell:gary
|
|
group,wheel:square
|
|
|
|
local
|
|
user,<remote-username>:<local-username>
|
|
group,<remote-groupname>:<local-groupname>
|
|
|
|
user,gary:glowell
|
|
group,square:wheel
|
|
|
|
SEN_LABEL
|
|
INTEGRITY_LABEL
|
|
CLEARANCE
|
|
remote
|
|
type,<local-type>:<remote-label-rep>
|
|
level,<local-levelname>:<remote-levelname>
|
|
category,<local-category>:<remote-category>
|
|
|
|
If the local label is not a TCSEC label, then it is
|
|
matched against entries of type "type", and <remote-label-rep>
|
|
is the complete remote representation of that label.
|
|
|
|
If the local label is a TCSEC label, its local representation
|
|
is always (msentcsec|mintbiba),level[,categories]. The level
|
|
portion is matched against entries of type "level". Each
|
|
category is matched against entries of type "category".
|
|
|
|
local
|
|
type,<remote-label-rep>:<local-labeltype>
|
|
level,<remote-levelname>:<local-levelname>
|
|
category,<remote-categoryname>:<local-categoryname>
|
|
|
|
First the <remote-label-representation> is compared to
|
|
entries of type "type". If it matches in toto, it is not a
|
|
TCSEC label and <local-labeltype> is the complete local
|
|
representation of that label.
|
|
|
|
Otherwise, it has a type of msentcsec or mintbiba, depending
|
|
on whether we are talking about SENSITIVITY/CLEARANCE or
|
|
INTEGRITY. The remote representation is broken into words.
|
|
The largest subsequence of words is matched against entries
|
|
of type "level". If no subsequence matches (in other words,
|
|
even the first word of the label has no match) it is rejected.
|
|
Any remaining words are matched one at a time against entries
|
|
of type "category".
|