.\" Copyright (c) 2003-2012 .\" Distributed Systems Software. All rights reserved. .\" See the file LICENSE for redistribution information. .\" $Id: copyright-nr 2564 2012-03-02 00:17:08Z brachman $ '\" t .\" Title: dacsinfocard .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.79.1 .\" Date: 02/19/2019 .\" Manual: DACS Commands Manual .\" Source: DACS 1.4.40 .\" Language: English .\" .TH "DACSINFOCARD" "1" "02/19/2019" "DACS 1.4.40" "DACS Commands Manual" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .\" http://bugs.debian.org/507673 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" ----------------------------------------------------------------- .\" * set default formatting .\" ----------------------------------------------------------------- .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .\" ----------------------------------------------------------------- .\" * MAIN CONTENT STARTS HERE * .\" ----------------------------------------------------------------- .SH "NAME" dacsinfocard \- manage InfoCard accounts .SH "SYNOPSIS" .HP \w'\fBdacsinfocard\fR\ 'u \fBdacsinfocard\fR [\fI\m[blue]\fBdacsoptions\fR\m[]\&\s-2\u[1]\d\s+2\fR] .SH "DESCRIPTION" .PP This program is part of the \fBDACS\fR suite\&. .PP The \fBdacsinfocard\fR command manages accounts that are used by the \m[blue]\fBlocal_infocard_authenticate\fR\m[]\&\s-2\u[2]\d\s+2 authentication module\&. This utility serves a similar purpose for these authentication modules that the \m[blue]\fBdacspasswd(1)\fR\m[]\&\s-2\u[3]\d\s+2 command does for its \m[blue]\fBlocal_passwd_authenticate\fR\m[]\&\s-2\u[4]\d\s+2 module\&. .PP Apart from their use by \fBlocal_infocard_authenticate\fR, \fIthese accounts are completely separate from any other accounts\fR\&. .if n \{\ .sp .\} .RS 4 .it 1 an-trap .nr an-no-space-flag 1 .nr an-break-flag 1 .br .ps +1 \fBSecurity\fR .ps -1 .br .PP The digest algorithm used depends on the \m[blue]\fBINFOCARD_DIGEST\fR\m[]\&\s-2\u[5]\d\s+2 directive in effect\&. .PP Plaintext PPIDs are not stored\&. This makes it more difficult for an attacker that gains access to the InfoCard account file to discover PPIDs\&. .PP Only a \fBDACS\fR administrator should be able to successfully run this program from the command line\&. Because \fBDACS\fR keys and configuration files, including the file used to store accounts, must be restricted to an administrator, this will normally be the case, but a careful administrator will set file permissions to deny access to all other users\&. An ordinary user is able to change his own InfoCard registration using the \m[blue]\fBdacs_infocard(8)\fR\m[]\&\s-2\u[6]\d\s+2 web service\&. .sp .5v .RE .PP This program is also available as a \fBDACS\fR web service, \m[blue]\fBdacs_infocard(8)\fR\m[]\&\s-2\u[6]\d\s+2\&. .SH "OPTIONS" .PP The \fBdacsinfocard\fR command recognizes these command line flags: .SH "EXAMPLES" .PP To list all of the InfoCard accounts configured for the jurisdiction named INFOCARDS: .sp .if n \{\ .RS 4 .\} .nf % dacsinfocard \-uj INFOCARDS \-list DSS::INFOCARDS:bob managed,istatic,enabled,passwd DSS::INFOCARDS:alice managed,istatic,disabled,passwd .fi .if n \{\ .RE .\} .PP To re\-enable the alice account: .sp .if n \{\ .RS 4 .\} .nf % dacsinfocard \-uj INFOCARDS \-ena alice .fi .if n \{\ .RE .\} .PP To test if alice\*(Aqs account is enabled: .sp .if n \{\ .RS 4 .\} .nf % dacsinfocard \-uj INFOCARDS \-test ena alice % echo $status 0 .fi .if n \{\ .RE .\} .PP To test if there are accounts for usernames bob and carol: .sp .if n \{\ .RS 4 .\} .nf % dacsinfocard \-uj INFOCARDS \-test exists carol % echo $status 0 % dacsinfocard \-uj INFOCARDS \-test exists bob % echo $status 1 .fi .if n \{\ .RE .\} .PP To get the private data for username bob: .sp .if n \{\ .RS 4 .\} .nf % set x=`dacsinfocard \-uj INFOCARDS \-pdg bob` % echo "$x" On vacation .fi .if n \{\ .RE .\} .sp .SH "DIAGNOSTICS" .PP The program exits 0 if everything was fine, and non\-zero otherwise\&. A "false" outcome from the \fB\-test\fR operation is reflected by an exit status of 1\&. An error condition is indicated by an exit status of 2\&. .SH "BUGS" .PP As this is a relatively new and complicated feature, please test carefully\&. .SH "SEE ALSO" .PP \m[blue]\fBdacs_infocard(8)\fR\m[]\&\s-2\u[6]\d\s+2, \m[blue]\fBdacsauth(1)\fR\m[]\&\s-2\u[7]\d\s+2, \m[blue]\fBdacs_authenticate(8)\fR\m[]\&\s-2\u[8]\d\s+2, \m[blue]\fBdacs_admin(8)\fR\m[]\&\s-2\u[9]\d\s+2, \m[blue]\fBdacs\&.conf(5)\fR\m[]\&\s-2\u[10]\d\s+2, \m[blue]\fBUsing InfoCards With DACS\fR\m[]\&\s-2\u[11]\d\s+2 .SH "AUTHOR" .PP Distributed Systems Software (\m[blue]\fBwww\&.dss\&.ca\fR\m[]\&\s-2\u[12]\d\s+2) .SH "COPYING" .PP Copyright \(co 2003\-2012 Distributed Systems Software\&. See the \m[blue]\fBLICENSE\fR\m[]\&\s-2\u[13]\d\s+2 file that accompanies the distribution for licensing information\&. .SH "NOTES" .IP " 1." 4 dacsoptions .RS 4 \%http://dacs.dss.ca/man/dacs.1.html#dacsoptions .RE .IP " 2." 4 local_infocard_authenticate .RS 4 \%http://dacs.dss.ca/man/dacs_authenticate.8.html#local_infocard_authenticate .RE .IP " 3." 4 dacspasswd(1) .RS 4 \%http://dacs.dss.ca/man/dacspasswd.1.html .RE .IP " 4." 4 local_passwd_authenticate .RS 4 \%http://dacs.dss.ca/man/dacs_authenticate.8.html#local_passwd_authenticate .RE .IP " 5." 4 INFOCARD_DIGEST .RS 4 \%http://dacs.dss.ca/man/dacs.conf.5.html#INFOCARD_DIGEST .RE .IP " 6." 4 dacs_infocard(8) .RS 4 \%http://dacs.dss.ca/man/dacs_infocard.8.html .RE .IP " 7." 4 dacsauth(1) .RS 4 \%http://dacs.dss.ca/man/dacsauth.1.html .RE .IP " 8." 4 dacs_authenticate(8) .RS 4 \%http://dacs.dss.ca/man/dacs_authenticate.8.html .RE .IP " 9." 4 dacs_admin(8) .RS 4 \%http://dacs.dss.ca/man/dacs_admin.8.html .RE .IP "10." 4 dacs.conf(5) .RS 4 \%http://dacs.dss.ca/man/dacs.conf.5.html .RE .IP "11." 4 Using InfoCards With DACS .RS 4 \%http://dacs.dss.ca/man/using-infocards-with-dacs.html .RE .IP "12." 4 www.dss.ca .RS 4 \%http://www.dss.ca .RE .IP "13." 4 LICENSE .RS 4 \%http://dacs.dss.ca/man/../misc/LICENSE .RE