satmpd man page on IRIX




SATMPD(1M)							    SATMPD(1M)

NAME
     satmpd - Security Attribute Token Mapping Protocol Daemon

SYNOPSIS
     /usr/bin/satmpd [ -c configdir ] [ -d debug-options ] [ -l logfile ] [ -p
     port ]

DESCRIPTION
     A daemon that implements the Security Attribute Token Mapping Protocol
     (SATMP).  It is also known as the Token Mapping Daemon.

OPTIONS
     -c configdir
	  Set the location of satmpd configuration files to configdir.

     -d debug-options
	  Turn on the requested debugging options.  These must be entered as a
	  single option or as a comma-separated list with no whitespace.
	  Acceptable values are STARTUP, FILE_OPEN, DIR_OPEN, OPEN_FAIL,
	  OPENDIR_FAIL, PROTOCOL, and ALL.  The -d option may be given more
	  than once. When using the -d option satmpd does not daemonize itself
	  and runs in the foreground. Operating in this mode at bootup will
	  cause the host to hang waiting for satmpd to exit.

     -l logfile
	  Direct debugging output to file logfile.

     -p port
	  Force satmpd to listen on alternate port port.

CONFIGURATION FILES
     The following configuration files are required.  It is an unrecoverable
     error if any of these are missing.

   ATTRIDS
     This file contains human-readable names of the SATMP attributes plus
     their numerical values.  Each ATTRIDS entry consists of a single line
     with the following format:

	  <attribute>:<number>

     The ATTRIDS file supplied with your system contains the following
     entries:

	  SEN_LABEL:0
	  NATIONAL_CAVEATS:1
	  INTEGRITY_LABEL:2
	  INFO_LABEL:3
	  PRIVILEGES:4
	  AUDIT_ID:5
	  IDS:6
	  CLEARANCE:7
	  AUDIT_INFO:8
	  UNASSIGNED_9:9
	  ACL:10
	  UNASSIGNED_11:11

     The following attributes are not supported under Trusted IRIX and are
     silently ignored: NATIONAL_CAVEATS, INFO_LABEL, CLEARANCE, AUDIT_INFO,
     ACL, UNASSIGNED_9, and UNASSIGNED_11.

   REQATTR
     This file contains human-readable names of the attributes all clients
     must support. These names must match those in ATTRIDS.  For example:

	  SEN_LABEL
	  PRIVILEGES
	  ACL

   WEIGHTS
     This file contains information regarding weights assigned to domains of
     translation.  When the local and remote host have more than one domain of
     translation in common for a given attribute, the weight is used to
     determine which domain of translation is used.  Weight entries should be
     listed in descending order within the file, one per line, with the
     following format:

	  <attribute>:<domain>:<weight>

     For example:

	  ACL:SGI:255
	  ACL:DECMLS:250
	  ACL:SUN:245
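
     The rules stated above for ATTRIDS, REQATTR and WEIGHTS can be checked
     before satmpd is started.  The following is an added example, not part of
     the original man page or of satmpd; the function names are hypothetical,
     the sample contents are constructed, and descending order is assumed to
     apply per attribute.

```python
# Added example: consistency lint for ATTRIDS, REQATTR and WEIGHTS text.
# Sample file contents are constructed from the entries shown on this page.
# Attributes the page lists as silently ignored under Trusted IRIX.
IGNORED = {"NATIONAL_CAVEATS", "INFO_LABEL", "CLEARANCE", "AUDIT_INFO",
           "ACL", "UNASSIGNED_9", "UNASSIGNED_11"}

def _lines(text):
    return [ln.strip() for ln in text.splitlines() if ln.strip()]

def parse_attrids(text):
    """Parse <attribute>:<number> lines into {name: number}."""
    ids = {}
    for ln in _lines(text):
        name, sep, num = ln.partition(":")
        if not sep or not name or not num.isdigit():
            raise ValueError(f"bad ATTRIDS entry: {ln!r}")
        ids[name] = int(num)
    return ids

def lint(attrids_text, reqattr_text, weights_text):
    """Return a list of findings; an empty list means no problems found."""
    findings = []
    ids = parse_attrids(attrids_text)
    for name in _lines(reqattr_text):
        if name not in ids:
            findings.append(f"REQATTR: {name} is not defined in ATTRIDS")
        elif name in IGNORED:
            findings.append(f"REQATTR: {name} is required but ignored by Trusted IRIX")
    last = {}  # attribute -> previous weight seen in file order (assumed per attribute)
    for ln in _lines(weights_text):
        parts = ln.split(":")
        if len(parts) != 3 or not parts[2].isdigit():
            findings.append(f"WEIGHTS: malformed entry {ln!r}")
            continue
        attr, domain, weight = parts[0], parts[1], int(parts[2])
        if attr not in ids:
            findings.append(f"WEIGHTS: {attr} is not defined in ATTRIDS")
        if attr in last and weight > last[attr]:
            findings.append(f"WEIGHTS: {attr}:{domain} breaks descending order")
        last[attr] = weight
    return findings

ATTRIDS = "SEN_LABEL:0\nINTEGRITY_LABEL:2\nPRIVILEGES:4\nAUDIT_ID:5\nIDS:6\nACL:10\n"
REQATTR = "SEN_LABEL\nPRIVILEGES\nACL\nSEN_LABLE\n"      # last line: constructed typo
WEIGHTS = "ACL:SGI:255\nACL:SUN:245\nACL:DECMLS:250\n"   # constructed: out of order

if __name__ == "__main__":
    for finding in lint(ATTRIDS, REQATTR, WEIGHTS):
        print(finding)
```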

   localmap
     This file contains remote-to-local attribute mapping information. Each
     entry consists of one line with the following format:

	  <attribute>:<domain>:<source>:<dest>

     The meaning of <source> and <dest> is attribute specific.	If the map in
     any domain has a <source> field with the value "NATIVE_MAPPING", the map
     is ignored and SGI native mapping is assumed.  Otherwise, the meaning of
     <source> and <dest> is as follows:

     PRIVILEGES

     <source> is the remote representation, as one "word". The remote
     representation of the privilege set is broken up into words, which are
     then matched against <source>.

     <dest> is an SGI format capability set. Again, only the effective set
     matters, and a one-to-many mapping is possible.

     Examples:

	  PRIVILEGES:SGI:mac-read:CAP_MAC_READ+e
	  PRIVILEGES:SGI:all-privs:all+eip

     AUDIT_ID

     <source> is the remote user name and <dest> is the local user name.

     Examples:

	  AUDIT_ID:SGI:gails:gsmith
	  AUDIT_ID:SGI:cbj:charles

     IDS

     User and group ids are listed on separate lines.  For each, <source> is
     the remote name and <dest> is the local name.

     Examples:

	  IDS:SGI:user,gails:gsmith
	  IDS:SGI:group,square:wheel

     SEN_LABEL
     INTEGRITY_LABEL

     For each entry, <source> is the remote representation and <dest> is the
     local representation.

     Mandatory access control labels consist of a sensitivity label and an
     integrity label.  For each of these, there are some administrative
     labels, which consist only of a type, and other labels, msentcsec and
     mintbiba, that consist of components.  Administrative labels are
     represented by entries with the attribute "type".	The sensitivity label
     "msentcsec" and the integrity label "mintbiba" are not specified as
     types.  Instead, each level or grade and category or division is
     specified on a single line.  Note that grades should be specified as
     "level" and division as "category".

     Examples:

	  SEN_LABEL:SGI:type,msenhigh:highadmin
	  SEN_LABEL:SGI:level,lords:senate
	  SEN_LABEL:SGI:level,commons:house
	  SEN_LABEL:SGI:category,crimson:red

     The daemon is implemented to facilitate matching between Trusted IRIX
     representations and those of other vendors, which do not have separate
     types for administrative labels.  To map a remote, non-Trusted IRIX
     representation to a local representation, the remote label representation
     is first compared with "type" entries.  If it matches in toto, then it is
     not a msentcsec or mintbiba label and the local label representation in
     the "type" entry is the complete local representation of that label.
     Otherwise, the remote representation is broken into words.  The largest
     subsequence of words is matched against "level" entries.  If no
     subsequence matches (in other words, even the first word of the label has
     no match) it is rejected.  Otherwise, any remaining words are matched one
     at a time against entries of type "category".
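
     The lookup order described above, as an added example that is not part of
     the original man page or of satmpd.  Assumptions: the function names are
     hypothetical, the "largest subsequence" is read as the longest leading run
     of words, an unmapped category word rejects the label, and the result is
     returned as a tuple because the page does not give the local string form.

```python
# Added example: remote-to-local SEN_LABEL lookup following the order described
# above ("type" first, then "level", then "category"). Map lines are the page's
# own localmap examples plus two constructed entries marked below.

LOCALMAP = """\
SEN_LABEL:SGI:type,msenhigh:highadmin
SEN_LABEL:SGI:level,lords:senate
SEN_LABEL:SGI:level,commons:house
SEN_LABEL:SGI:level,commons select:committee
SEN_LABEL:SGI:category,crimson:red
SEN_LABEL:SGI:category,azure:blue
"""  # the "commons select" and "azure" entries are constructed for this example

def load_label_map(text, attribute, domain):
    """Return {"type": {...}, "level": {...}, "category": {...}} for one domain."""
    tables = {"type": {}, "level": {}, "category": {}}
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) != 4 or fields[0] != attribute or fields[1] != domain:
            continue
        kind, sep, source = fields[2].partition(",")
        if sep and kind in tables:
            tables[kind][source] = fields[3]
    return tables

def map_remote_label(remote, tables):
    """Map a remote label to ("type", name) or ("label", level, categories).

    Returns None when the label is rejected."""
    if remote in tables["type"]:            # whole-string match: administrative label
        return ("type", tables["type"][remote])
    words = remote.split()
    # Longest leading run of words that names a "level" entry.
    for n in range(len(words), 0, -1):
        level = tables["level"].get(" ".join(words[:n]))
        if level is not None:
            break
    else:
        return None                         # not even the first word matched
    cats = []
    for word in words[n:]:                  # remaining words, one at a time
        if word not in tables["category"]:
            return None                     # assumption: unmapped category rejects
        cats.append(tables["category"][word])
    return ("label", level, cats)
```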

   remotemap
     This file contains local-to-remote attribute mapping information. The
     entries have the same format as in localmap.

     The meaning of <source> and <dest> is attribute specific. If the map in
     any domain has a <source> field with the value "NATIVE_MAPPING", the map
     is ignored and SGI native mapping is assumed.  Otherwise, the meaning of
     <source> and <dest> is as follows:

     PRIVILEGES

     <source> is an SGI format capability set. Only the effective capabilities
     are examined.  Multiple capabilities may be specified; a many-to-one
     mapping is possible.

     <dest> is the remote representation of <source>.

     Examples:

	  PRIVILEGES:SGI:CAP_MAC_READ+e:mac-read
	  PRIVILEGES:SGI:all+eip:all-privs

     AUDIT_ID

     <source> is the local user name and <dest> is the remote user name.

     Examples:

	  AUDIT_ID:SGI:gsmith:gails
	  AUDIT_ID:SGI:charles:cbj

     IDS

     User and group ids are listed on separate lines.  For each, <source> is
     the local name and <dest> is the remote name.

     Examples:

	  IDS:SGI:user,gsmith:gails
	  IDS:SGI:group,wheel:square

     SEN_LABEL
     INTEGRITY_LABEL

     For each entry, <source> is the local representation and <dest> is the
     remote representation.

     Examples:

	  SEN_LABEL:SGI:type,highadmin:msenhigh
	  SEN_LABEL:SGI:level,senate:lords
	  SEN_LABEL:SGI:level,house:commons
	  SEN_LABEL:SGI:category,red:crimson

     The daemon is implemented to correctly map local Trusted IRIX
     representations to those of other vendors, which do not have separate
     types for administrative labels.  If the local label is not a msentcsec or
     mintbiba label, then it is matched against "type" entries, and the remote
     label representation is complete.  If the local label is a msentcsec or
     mintbiba label, its local representation is divided into a level, or
     grade, and one or more categories, or divisions.  The remote label
     representation is constructed by matching the level or grade portion
     against "level" entries, and matching each category or division against
     "category" entries.

SEE ALSO
     iflabel(1m), rhost(1m), samp(7p), satmp(7p), trusted_networking(7),
     tsix(7p).
