secval(1m) Open Software Foundation secval(1m)
NAME [Toc] [Back]
secval - A dcecp object that manages the security validation service
on a host
SYNOPSIS [Toc] [Back]
secval activate [host_name_list]
secval deactivate [host_name_list]
secval help [operation | -verbose]
secval operations
secval ping [host_name_list]
secval status [host_name_list]
secval update [host_name_list] [-pesite time_in_seconds]
ARGUMENTS [Toc] [Back]
host_name_list
A list of one or more names of host systems whose security
validation systems you want to act on. If you do not
specify this argument, the local host is assumed. The
argument is optional and takes one of the following forms:
hosts/host_name
/.:/hosts/host_name
/.../cell_name/hosts/host_name
The name can also be a single string binding representing
the host with which to communicate. For example:
{ncacn_ip_tcp 130.105.1.227}
A string binding is useful when the name service is not
operating and cannot translate the other forms of host
names.
operation The name of the secval operation for which to display help
information.
DESCRIPTION [Toc] [Back]
The secval object represents the security validation service running
on a host, as part of the dced server. This service is responsible
Hewlett-Packard Company - 1 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96
secval(1m) Open Software Foundation secval(1m)
for maintaining the security credentials of the host machine.
Access to the commands is based on the access control list (ACL) of
the security validation object for a host. This takes the form of
/.../cell_name/hosts/host_name/config/secval.
OPERATIONS [Toc] [Back]
secval activate
Activates a security validation service. The syntax is as follows:
secval activate [host_name_list]
The activate operation activates a security validation service. If the
service is already activated, an error is returned. The optional
host_name_list argument is a list of one or more names of host systems
whose security validation systems you want to activate. This operation
returns an empty string on success.
Privileges Required [Toc] [Back]
You must have x (execute) permission to the security validation
service object.
Examples [Toc] [Back]
dcecp> secval activate
dcecp>
dcecp> secval activate ncacn_ip_tcp:15.22.24.145
dcecp>
secval deactivate
Deactivates a security validation service. The syntax is as follows:
secval deactivate [host_name_list]
The deactivate operation deactivates a security validation service.
If it is already deactivated, an error is returned. The optional
host_name_list argument is a list of one or more names of host systems
whose security validation systems you want to deactivate. This
operation returns an empty string on success.
Privileges Required [Toc] [Back]
You must have s (stop) permission to the security validation service
object.
Hewlett-Packard Company - 2 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96
secval(1m) Open Software Foundation secval(1m)
Examples [Toc] [Back]
dcecp> secval deactivate
dcecp>
dcecp> secval deactivate /.:/hosts/gumby
dcecp>
secval help
Returns help information about the secval object and its operations.
The syntax is as follows:
secval help [operation | -verbose]
Options [Toc] [Back]
-verbose Displays information about the secval object.
Used without an argument or option, the secval help command returns
brief information about each secval operation. The optional operation
argument is the name of an operation about which you want detailed
information. Alternatively, you can use the -verbose option for more
detailed information about the secval object itself.
Privileges Required [Toc] [Back]
No special privileges are needed to use the secval help command.
Examples [Toc] [Back]
dcecp> secval help
activate Enables the secval service.
deactivate Disables the secval service.
ping Contacts the dced secval to validate the security service.
status Returns 1 if secval is enabled, 0 if not.
update Updates a component of the secval.
help Prints a summary of command-line options.
operations Returns a list of the valid operations for this command.
dcecp>
secval operations
Returns a list of the operations supported by the secval object. The
syntax is as follows:
secval operations
Hewlett-Packard Company - 3 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96
secval(1m) Open Software Foundation secval(1m)
The list of available operations is in alphabetical order except for
help and operations, which are listed last.
Privileges Required [Toc] [Back]
No special privileges are needed to use the secval operations command.
Examples [Toc] [Back]
dcecp> secval operations
activate deactivate ping status update help operations
dcecp>
secval ping
Validates the credentials returned by a DCE security service. The
syntax is as follows:
secval ping [host_name_list]
The ping operation validates the credentials returned by a security
service. This operation can be used to verify that secd is trusted.
The operation returns 1 if the credentials are valid, 0 if they are
not. The optional host_name_list argument is a list of one or more
names of host systems whose security validation systems you want to
validate. If the argument is a list of host names, a list is returned
with a 1 or a 0 for each server.
Privileges Required [Toc] [Back]
No special privileges are needed to use the secval ping command.
Examples [Toc] [Back]
dcecp> secval ping
1
dcecp>
dcecp> secval ping /.../pokey_cell/hosts/gumby
1
dcecp>
secval status
Checks for an active secval. The syntax is as follows:
secval status [host_name_list]
Hewlett-Packard Company - 4 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96
secval(1m) Open Software Foundation secval(1m)
The status operation returns 1 if the security validation service is
activated, 0 if it is not. If the argument is a list, a list is
returned, with a 1 or 0 for each server.
Privileges Required [Toc] [Back]
No special privileges are needed to use the secval status command.
Examples [Toc] [Back]
dcecp> secval status
1
dcecp>
dcecp> secval status ncacn_ip_tcp:15.22.24.145
1
dcecp>
secval update
Updates a component of the secval service. The syntax is as follows:
secval update [host_name_list] [-pesite time_in_seconds]
Options [Toc] [Back]
-pesite Sets the amount of time to wait between each pe_site Thread
Maintenance update.
The update operation updates a component of the security validation
service. Currently only updates to the pe_site Maintainer Thread are
supported. Use the -pesite option to set the amount of time in seconds
between each update. The update is performed after the time specified
in time_in_seconds passes. If the -pesite option is not supplied, the
update is performed immediately. This operation returns an empty
string on success.
Privileges Required [Toc] [Back]
You must have x (execute) permission to the security validation
service object.
Examples [Toc] [Back]
dcecp> secval update -pesite 300
dcecp>
Hewlett-Packard Company - 5 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96
secval(1m) Open Software Foundation secval(1m)
RELATED INFORMATION [Toc] [Back]
Commands: dcecp(1m), dced(1m).
Hewlett-Packard Company - 6 -�OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96 [ Back ] |
