USERFILE(5)	    UNIX Programmer's Manual	      USERFILE(5)


NAME
     USERFILE - UUCP pathname permissions file

DESCRIPTION
     The USERFILE file specifies the file system directory trees
     that are accessible to local users and to remote systems via
     UUCP.

     Each line in USERFILE is of the form:

     [loginname],[system] [ c ] pathname [pathname] [pathname]

     The first two items are separated by a comma; any number of
     spaces or tabs may separate the remaining items.  Lines
     beginning with a `#' character are comments.  A trailing `\'
     indicates that the next line is a continuation of the
     current line.

     Loginname is a login (from /etc/passwd) on the local
     machine.

     System is the name of a remote machine, the same name used
     in L.sys(5).

     c denotes the optional callback field.  If a c appears here,
     a remote machine that calls in will be told that callback is
     requested, and the conversation will be terminated.  The
     local system will then immediately call the remote host
     back.

     Pathname is a pathname prefix that is permissible for this
     login and/or system.

     When uucico(8) runs in master role or uucp(1) or uux(1) are
     run by local users, the permitted pathnames are those on the
     first line with a loginname that matches the name of the
     user who executed the command.  If no such line exists, then
     the first line with a null (missing) loginname field is
     used.  (Beware: uucico is often run by the superuser or the
     UUCP administrator through cron(8).)

     When uucico runs in slave role, the permitted pathnames are
     those on the first line with a system field that matches the
     hostname of the remote machine.  If no such line exists,
     then the first line with a null (missing) system field is
     used.

     Uuxqt(8) works differently; it knows neither a login name
     nor a hostname.  It accepts the pathnames on the first line
     that has a null system field.  (This is the same line that
     is used by uucico when it cannot match the remote machine's
     hostname.)


Printed 11/26/99	November 27, 1996			1


USERFILE(5)	    UNIX Programmer's Manual	      USERFILE(5)


     A line with both loginname and system null, for example

	  , /usr/spool/uucppublic

     can be used to conveniently specify the paths for both "no
     match" cases if lines earlier in USERFILE did not define
     them.  (This differs from older Berkeley and all USG ver-
     sions, where each case must be individually specified.  If
     neither case is defined earlier, a "null" line only defines
     the "unknown login" case.)

     To correctly process loginname on systems that assign
     several logins per UID, the following strategy is used to
     determine the current loginname:

     1)   If the process is attached to a terminal, a login entry
	  exists in /var/run/utmp, and the UID for the utmp name
	  matches the current real UID, then loginname is set to
	  the utmp name.

     2)   If the USER environment variable is defined and the UID
	  for this name matches the current real UID, then login-
	  name is set to the name in USER.

     3)   If both of the above fail, call getpwuid(3) to fetch
	  the first name in /etc/passwd that matches the real
	  UID.

     4)   If all of the above fail, the utility aborts.

FILES
     /etc/uucp/USERFILE
     /etc/uucp/UUAIDS/USERFILE	 USERFILE example

SEE ALSO
     uucp(1), uux(1), L.cmds(5), L.sys(5), uucico(8), uuxqt(8)

NOTES
     The UUCP utilities (uucico, uucp, uux, and uuxqt) always
     have access to the UUCP spool files in /usr/spool/uucp,
     regardless of pathnames in USERFILE.

     If uucp is listed in L.cmds(5), then a remote system will
     execute uucp on the local system with the USERFILE
     privileges for its login, not its hostname.

     Uucico freely switches between master and slave roles during
     the course of a conversation, regardless of the role it was
     started with.  This affects how USERFILE is interpreted.

WARNING
     USERFILE restricts access only on strings that the UUCP


Printed 11/26/99	November 27, 1996			2


USERFILE(5)	    UNIX Programmer's Manual	      USERFILE(5)


     utilities identify as being pathnames.  If the wrong holes
     are left in other UUCP control files (notably L.cmds), it
     can be easy for an intruder to open files anywhere in the
     file system.  Arguments to uucp(1) are safe, since it
     assumes all of its non-option arguments are files.  Uux(1)
     cannot make such assumptions; hence, it is more dangerous.

BUGS
     The UUCP Implementation Description explicitly states that
     all remote login names must be listed in USERFILE.  This
     requirement is not enforced by Berkeley UUCP, although it is
     by USG UUCP.

     Early versions of 4.2BSD uuxqt(8) erroneously check UUCP
     spool files against the USERFILE pathname permissions.
     Hence, on these systems it is necessary to specify
     /usr/spool/uucp as a valid path on the USERFILE line used by
     uuxqt.  Otherwise, all uux(1) requests are rejected with a
     "PERMISSION DENIED" message.


Printed 11/26/99	November 27, 1996			3


 
Generated: 2016-12-26
Generated by man2html V0.25
page hit count: 1422
Valid CSS Valid XHTML 1.0 Strict