Authenticate a user and create a PAG association.
paginit [ -R module_name ] [ username ]
The paginit command authenticates username (by default, the user issuing the command) and creates an association between the username and a kernel token called a Process Authentication Group entry (PAG). A new login shell is spawned by this command.
If the -R flag is not given, paglist queries the user's registry attribute and use that value for module_name.
To associate the username with an alternate Identification and Authentication (I&A) mechanism, the -R flag can be used to specify the I&A load module used to create the user. Load modules are defined in the /usr/lib/security/methods.cfg file.
Item | Description |
---|---|
-R module_name | Specifies the loadable I&A module used to authenticate the user. |
Item | Description |
---|---|
username | Specifies the user. This parameter defaults to the user issuing the command. Only the root user may override the default. |
Access Control: This command should be executable by all. It should be owned by root and should be setuid.
USER_Paginit
paginit -R FPKI
The user is authenticated using
the registry FPKI, which is defined in the /usr/lib/security/methods.cfg file.
A PAG is associated with the current process credentials.