artexlist Command

Purpose

Outputs a list of profiles from the local system or LDAP server or outputs a list of catalogs that are installed on the local system.

Syntax

artexlist [-c | [ -l] path ] [ -g categories ] [ -g level ]

Description

The command artexlist finds and lists the AIX® Runtime Expert profiles on the local system or on LDAP server.

If the -c option is specified, the output returns a list of catalogs that are installed on the local system rather than a list of profiles.

By default, this command outputs a list of the profiles from /etc/security/artex/samples directory. To override the default path, set the environment variable ARTEX_PROFILE_PATH to one or more semicolon delimited paths. Otherwise, use the path argument. In addition to the local system profiles, use the –l option to list the profiles from the LDAP server.

Flags

Item Description
-c Indicates to list the catalogs installed on the local system in /etc/security/artex/catalogs directory.
-l Indicates to list the profiles from the LDAP server.
-g categories Displays debug messages for the specified coma-separated list of categories. This option is useful while you write new catalog files. The available categories follow:
  • ALL: Includes all of the following categories.
  • COMMANDS: Prints information about the AIX command that is being run.
  • DISCOVERY: Prints information about the discovery commands that are being run.
  • THREADS: Prints information about threads that are being run within the framework.
  • PARSING: Prints information about the parsing of profile and catalog files.
  • FLOW: Prints information about the progress of the operation.
Note: The default category is ALL.
-g level Specifies the verbosity of the debug traces, as an integer in the range of 0 (no debug traces) - 3 (most verbose level). The default level is 0.
path Specifies the path on the local system that contains the list of profiles that are to be returned in the output.

Exit Status

Item Description
0 The command completed successfully.
>0 An error occurred.

Security

Access Control: This command should grant execute (x) access only to the root user and members of the security group. This command should be installed as a program in the trusted computing base (TCB). The command should be owned by the root user with the setuid (SUID) bit set.

Attention RBAC users and Trusted AIX users: This command can perform privileged operations. Only privileged users can run privileged operations. For more information about authorizations and privileges, see Privileged Command Database in Security. For a list of privileges and the authorizations associated with this command, see the lssecattr command or the getcmdattr subcommand. To get the full functionality of the command, besides the accessauths, the role should also have the following authorizations:
  • aix.security.user.audit
  • aix.security.role.assign
  • aix.security.group.change
  • aix.security.user.change

Files Accessed:

Mode File
rw /etc/passwd
rw /etc/security/user
rw /etc/security/user.roles
rw /etc/security/limits
rw /etc/security/environ
rw /etc/group
rw /etc/security/group
r /usr/lib/security/artexlist.default
x /usr/lib/security/artexlist.sys

Auditing Events:

Event Information
USER_Create user

Examples

The following example illustrates how to list the sample profiles from the default path /etc/security/artex/samples.

artexlist

The following example illustrates how to list the profiles using environment variable ARTEX_PROFILE_PATH.

export ARTEX_PROFILE_PATH=”/tmp:/$HOME/profiles”
artexlist

The following example illustrates how to list the profiles from /data/profiles directory.

artexlist /data/profiles

The following example illustrates how to list the profiles from an LDAP server and from a local system.

artexlist –l

The following example illustrates how to list the catalogs installed on the system.

artexlist –c