Skip Navigation Links | |
Exit Print View | |
man pages section 1: User Commands Oracle Solaris 11.1 Information Library |
- map certificates into a user
/usr/lib/pam_pkcs11/pklogin_finder [debug] [config_file=filename]
pklogin_finder uses the pam_pkcs11 library infrastructure to interactively map a PKCS#11 provided certificate to a user.
pklogin_finder uses the same configuration file and arguments than pam_pkcs11(5) PAM module. It loads defined mapper modules and tries to find a map between found certificates and a user login.
The following options are supported:
Set the configuration file.
The default value is /etc/security/pam_pkcs11/pam_pkcs11.conf.
Enable debugging output.
The default is no debug.
As it uses the same configuration file as pam_pkcs11(5), all of the pam_pkcs11 options are available. Some of these options make no sense in a non-PAM environment, and are therefore ignored. Some mapper options (mapfile, ignorecase) have no effect on certificate contents, and they are ignored as well.
The following exit values are returned:
Successful completion.
pkcs11_inspect prints on stdout the login name and exits.
An error occurred.
A user mapping error was found.
An error occurred.
No user match was found.
Example 1 Using pklogin_finder
The following example runs the pklogin_finder command without any options:
% pkcs11_inspect
Example 2 Using pklogin_finder with Options
The following example runs the pkcs_finder command with options:
% pklogin_finder debug config_file=${HOME}/.pam_pkcs11.conf
Juan Antonio Martinez, jonsito@teleline.es
See attributes(5) for descriptions of the following attributes:
|
pkcs11_inspect(1), attributes(5), pam_pkcs11(5)
PAM-PKCS11 User Manual, http://www.opensc-project.org/pam_pkcs11