# @(#)48	1.5.1.4  src/bos/etc/nscontrol/nscontrol.conf, libs, bos72D, d2015_46A8 11/5/15 16:23:27
# IBM_PROLOG_BEGIN_TAG 
# This is an automatically generated prolog. 
#  
# bos72D src/bos/etc/nscontrol/nscontrol.conf 1.5.1.4 
#  
# Licensed Materials - Property of IBM 
#  
# Restricted Materials of IBM 
#  
# COPYRIGHT International Business Machines Corp. 2007,2015 
# All Rights Reserved 
#  
# US Government Users Restricted Rights - Use, duplication or 
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp. 
#  
# IBM_PROLOG_END_TAG 
#
########################################################################
# 
# /etc/nscontrol.conf - controls the ordering of certain RBAC, EFS 
# and Trusted Execution database lookup/update services.
#
# The /etc/nscontrol.conf is a stanza file, with each stanza name 
# representing a RBAC/EFS/TE/AUDIT table name. The lssec / chsec commands can be
# used to manage the /etc/nscontrol.conf file. 
#
# The stanza names and their corresponding RBAC library subroutines are:
#
# authorizations: getauthattr  getauthattrs  putauthattr  putauthattrs
# roles:          getroleattr  getroleattrs  putroleattr  putroleattrs
# privcmds:       getcmdattr   getcmdattrs   putcmdattr   putcmdattrs
# privdevs:       getdevattr   getdevattrs   putdevattr   putdevattrs
# privfiles:      getpfileattr getpfileattrs putpfileattr putpfileattrs
# domains:		  getdomattr getdomattrs putdomattr putdomattrs
# domobjs:	      getobjattr getobjattrs putobjattr putobjattrs
#
# The stanza names for EFS Keystore are:
#
# efsusrkeystore
# efsgrpkeystore
# efsadmkeystore
#
# The stanza names for DOMAIN RBAC are:
# domains
# domobjs
# The stanza names for Trusted Execution dbs are:
# 
# tsddat
# tepolicies
#
# The stanza names for Audit configuration is :
#
# auditconfig
#
# The following attributes can be specified for each stanza:
#
# secorder	- comma separated list of modules. Valid module names
# 		  are: 
# 		  	files
# 		  	LDAP
# 		  	
# 		  If secorder is not set or the stanza is missing from
# 		  the /etc/nscontrol.conf file, the default value of 
# 		  "files" will be used.
#
# databasename	- The Trusted Execution Singnature database name or
# 		  Trusted Execution Policy databasename. These names
# 		  are used to query from LDAP.
# 		  If databasename is not set the default names TSD for
# 		  Singature database name and TEPOL for Trusted Execution 
# 		  Policy database name will be considered.
#
# Stanza example:
#
# authorizations:
# 	secorder = files,LDAP
#
# tsddat:
# 	secorder = LDAP,files
# 	databasename = TSD
#
# efsusrkeystore:
# 	secorder = LDAP,files
#
# Use the chsec command to update this file. For example, to set the
# secorder for authorizations to be LDAP and then files, run:
#
# # chsec -f /etc/nscontrol.conf -s authorizations -a secorder=LDAP,files
#
########################################################################

authorizations:
	secorder = files

roles:
	secorder = files

privcmds:
	secorder = files

privdevs:
	secorder = files

privfiles:
	secorder = files

efsusrkeystore:
	secorder = files

efsgrpkeystore:
	secorder = files

efsadmkeystore:
	secorder = files

tsddat:
	secorder = files
	databasename = TSD

tepolicies:
	secorder = files
	databasename = TEPOL

domains:
	secorder = files

domobjs:
	secorder = files

auditconfig:
	secorder = files