asecure(1M) asecure(1M)
NAME [Toc] [Back]
asecure - control access to Audio on a workstation
SYNOPSIS [Toc] [Back]
/opt/audio/bin/asecure [-CdelP] [+h host] [-h host] [+p user] [-p user]
[+u user] [-u user] [+b host,user] [-b host,user]
DESCRIPTION [Toc] [Back]
On Series 700 workstations, audio is secured so that only the user on
the local workstation can access audio. You use the asecure command to
modify audio security. This command does not apply to X stations; on
an X station, access to audio is unrestricted.
To modify audio security, become root on the local workstation where
you want make a change. Then, use asecure as follows:
/opt/audio/bin/asecure -C
When prompted, enter any meaningful password. Issuing asecure -C
creates the Audio Security File (ASF). The ASF contains information
that determines which hosts and users can access the Aserver, and
which users (other than the superuser) can modify the ASF.
If needed, you can allow unrestricted access to audio on this
workstation. To remove audio security, issue this command:
/opt/audio/bin/asecure -d
If instead, you wish to modify security, you use asecure to make
changes to the information in the ASF. (Because the ASF is a binary
file, we do not recommend using an editor on this file.) You can use
asecure to make these types of changes:
+ Allow all clients from a remote host to access the server.
+ Allow specific users from all other hosts to access the
server.
+ Allow a specific user from a specific host to access the
server.
+ Disable access control, allowing complete unrestricted access
to the server, but leaving the ASF intact.
Every operation that creates, reinitializes, or changes the contents
of the ASF is logged in the /var/adm/audio/asecure_log file, so that
you can track any changes to the ASF.
Options [Toc] [Back]
asecure supports the following options:
Hewlett-Packard Company - 1 - HP-UX 11i Version 2: August 2003
asecure(1M) asecure(1M)
+b|-b host,user
Add/delete hostname,username pair. You must be
either superuser or a privileged user to do this.
You can supply more than one hostname,username
pair separated by blanks.
To use either the +b or -b options, you MUST
supply at least one hostname,username pair. This
option will not work without a pair.
-C Create a new ASF file, called the audio.sec file.
Access control default is enabled with no entries
in the access list. Aserver can now be accessed
only by local users on the host machine. If an
audio.sec file already exists, it is reinitialized.
You must be superuser to execute this option. This
option is mutually-exclusive of all other options.
This option requires a password. This is an extra
layer of protection for the contents of the ASF.
It is designed to prevent surreptitious
manipulation of the ASF. If you are creating a new
ASF, you are prompted for a password and an
encrypted copy of that password is stored in the
new ASF.
If the ASF already exists, you are prompted for
the password. If your password matches the
password stored in the ASF, the ASF is then reinitialized.
-d Disable access control to the Aserver. This allows
unrestricted access by all clients.
-e Enable access control to the Aserver. This
restricts access to clients listed in the ASF.
Enabled is the default state.
+h|-h host Add/delete hostnames for ALL users. You must be
either superuser or a privileged user to do this.
You can supply more than one hostname separated by
blanks.
-l List the contents of the ASF. This option shows a
list of the hostnames and/or usernames that have
access to the Aserver.
-P Change password for audio.sec file. You must be
superuser to do this. You are prompted once for
Hewlett-Packard Company - 2 - HP-UX 11i Version 2: August 2003
asecure(1M) asecure(1M)
the old password, then prompted twice for the new
password.
+p|-p user Add/delete privileged users. You must be
superuser to do this and must enter the password
given when the ASF was created (see -C option). To
see a list of privileged users, you must be
superuser and use the -l option.
+u|-u user Add/delete usernames for ALL hosts. You must be
either superuser or a privileged user to do this.
You can supply more than one username separated by
blanks.
EXAMPLES [Toc] [Back]
List entries in access list.
/opt/audio/bin/asecure -l
Disable access control. This means anyone can connect to Aserver
without restriction.
/opt/audio/bin/asecure -d
Add moonbeam host for all users to access list. Remove pluto host for
all users from access list.
/opt/audio/bin/asecure +h moonbeam -h pluto
Add user comet for hosts saturn and mercury to access list.
/opt/audio/bin/asecure +b saturn,comet mercury,comet
Add user comet to access list for all hosts. Remove users venus and
neptune from access list for all hosts.
/opt/audio/bin/asecure +u comet -u venus neptune
Create new access list.
/opt/audio/bin/asecure -C
AUTHOR [Toc] [Back]
asecure was developed by HP.
FILES [Toc] [Back]
/var/opt/audio/asecure_log asecure log pathname
/etc/opt/audio/audio.sec ASF pathname
SEE ALSO [Toc] [Back]
audio(5), asecure(1M), aserver(1M), attributes(1), convert(1),
Hewlett-Packard Company - 3 - HP-UX 11i Version 2: August 2003
asecure(1M) asecure(1M)
send_sound(1).
Using the Audio Developer's Kit
Hewlett-Packard Company - 4 - HP-UX 11i Version 2: August 2003 [ Back ] |
