getconfattrs Subroutine
Purpose
Accesses system information in the system information database.
Library
Security Library (libc.a)
Syntax
#include <usersec.h>
#include <userconf.h>Description
The getconfattrs subroutine accesses system configuration information.
The getconfattrs subroutine reads one or more attributes from the system configuration database. If the database is not already open, this subroutine does an implicit open for reading.
- attr_name
- The name of the desired attribute.
- attr_idx
- Used internally by the getconfattrs subroutine.
- attr_type
- The type of the desired attribute. The list of attribute types is defined in the usersec.h header file.
- attr_flag
- The results of the request to read the desired attribute.
- attr_un
- A union containing the values to be written. Its union members
that follow correspond to the definitions of the attr_char, attr_int, attr_long,
and attr_llong macros, respectively:
- au_char
- Attributes of type SEC_CHAR and SEC_LIST store a pointer to the value to be written.
- au_int
- Attributes of type SEC_INT and SEC_BOOL contain the value of the attribute to be written.
- au_long
- Attributes of type SEC_LONG contain the value of the attribute to be written.
- au_llong
- Attributes of type SEC_LLONG contain the value of the attribute to be written.
- attr_domain
- The authentication domain containing the attribute. The getconfattrs subroutine is responsible for managing the memory referenced by this pointer.
Use the setuserdb and enduserdb subroutines to open and close the system configuration database. Failure to explicitly open and close the system database can result in loss of memory and performance.
Parameters
| Item | Description |
|---|---|
| Sys | Specifies the name of the subsystem for which the attributes are to be read. |
| Attributes | A pointer to an array of one or more elements of type dbattr_t. The list of system attributes is defined in the usersec.h header file. |
| Count | The number of array elements in Attributes. |
Security
Files accessed:
| Item | Description |
|---|---|
| Mode | File |
| r | /etc/security/.ids |
| r | /etc/security/audit/config |
| r | /etc/security/audit/events |
| r | /etc/security/audit/objects |
| r | /etc/security/login.cfg |
| r | /etc/security/portlog |
| r | /etc/security/roles |
| r | /usr/lib/security/methods.cfg |
| r | /usr/lib/security/mkuser.default |
Return Values
If the value of the Sys or Attributes parameter is NULL, or the value of the Count parameter is less than 1, the getconfattrs subroutine returns a value of -1, and sets the errno global variable to indicate the error. Otherwise, the subroutine returns a value of zero. The getconfattrs subroutine does not check the validity of the Sys parameter. Each element in the Attributes array must be examined on a successful call to the getconfattrs subroutine to determine whether the Attributes array entry is successfully retrieved.
Error Codes
The getconfattrs subroutine returns an error that indicates that the system attribute does or does not exist. Additional errors can indicate an error querying the information databases for the requested attributes.
| Item | Description |
|---|---|
| EINVAL | The Attributes parameter is NULL. |
| EINVAL | The Count parameter is less than 1. |
| ENOENT | The specified Sys does not exist. |
| EIO | Failed to access remote system information database. |
If the getconfattrs subroutine fails to query an attribute, one or more of the following errors is returned in the attr_flag field of the corresponding Attributes element:
| Item | Description |
|---|---|
| EACCES | The user does not have access to the attribute specified in the attr_name field. |
| EINVAL | The attr_type field in the Attributes entry contains an invalid type. |
| EINVAL | The attr_un field in the Attributes entry does not point to a valid buffer or to valid data for this type of attribute. Limited testing is possible and all errors might not be detected. |
| ENOMEM | Memory could not be allocated to store the return value. |
| ENOATTR | The attr_name field in the Attributes entry specifies an attribute that is not defined for this system table. |
Files
| Item | Description |
|---|---|
| /etc/security/.ids | The next available user and group ID values. |
| /etc/security/audit/config | Bin and stream mode audit configuration parameters. |
| /etc/security/audit/events | Format strings for audit event records. |
| /etc/security/audit/objects | File system objects that are explicitly audited. |
| /etc/security/login.cfg | Miscellaneous login relation parameters. |
| /etc/security/portlog | Port login failure and locking history. |
| /etc/security/roles | Definitions of administrative roles. |
| /usr/lib/security/methods.cfg | Definitions of loadable authentication modules. |
| /usr/lib/security/mkuser.default | Default user attributes for administrative and non administrative users. |