keyfs, warning \- authentication database files
serves a two-level file tree for manipulating authentication information.
It runs on the machine providing authentication service for the local
Plan 9 network, which may be a dedicated authentication server or
The programs described in
as their interface to the authentication database.
reads and decrypts file
using the DES or AES key,
which is by default read from
prompts for a password from which the key is derived.
holds a 41-byte (57-byte for AES) record for each user in the database.
Each record contains the user's name,
The status is a byte containing
binary 0 if the account is enabled,
Warning status is a byte containing
the number of user expiration notifications.
The expiration date is a four-byte little-endian integer
which represents the time in seconds since the epoch
at which the account will expire.
The secret password is a null-terminated
If any changes are made to the database that affect the information stored in
a new version of the file is written.
There are two authentication databases,
one for Plan 9 user information,
and one for SecureNet user information.
A user need not be installed in both databases
but must be installed in the Plan 9 database to connect to a Plan 9 server.
serves an interpretation of the
in the file tree rooted at
is represented as the directory
Making a new directory in
creates a new user entry in the database.
Removing a directory removes the user entry,
and renaming it changes the name in the entry.
Such changes are reflected immediately in
does not allow duplicate names when creating or renaming user entries.
All files in the user directories except for
strings with a trailing newline when read,
and should be written as
strings with or without a trailing newline.
encryption key for the user.
The following files appear in the user directories.
The authentication key for the user.
If the user's account is disabled or expired,
reading this file returns an error.
changes the key in the database.
The AES encryption key for the user.
The number of consecutive failed authentication attempts for the user.
increments this number; writing
This number is not stored in
and is initialized to 0 when
When the number reaches a multiple of ten,
temporarily disables the account for that many seconds.
files during this time return the error
``user in purgatory.''
The current status of the account, either
The expiration time for the account.
When read, it contains either the string
or the time in seconds since the epoch
that the account will expire.
When written with strings of the same form,
it sets the expiration date for the user.
If the expiration date is reached,
the account is not disabled,
cannot be read without an error.
once every 24 hours to mail people about expiring keys.
Warnings are sent 14 days and 7 days prior to expiration.
to restrict the warnings to
the Plan 9 or SecureNet database.
own default is to warn about both.
are used to find the mail addresses to send to.
The first word on each line identifies
Any subsequent strings on the line delimited by '<' and '>' are considered mail
addresses to send warnings to.
If multiple lines match a user, the last in the file is used.
adds lines to these files.
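An added example, not part of the manual page or of the Plan 9 sources, covering two pieces of the behaviour described above: the address-file format the warning program reads (first word names the user, later '<...>' strings are addresses, last matching line wins) and the 14-day/7-day expiration schedule, together with the purgatory rule from the user-directory section. It assumes that the record's warning byte counts notifications already sent, and that an absent expiration date is passed as None; both are assumptions, not statements from the page.

```python
import re
import time

DAY = 24 * 60 * 60
WARN_DAYS = (14, 7)   # schedule stated on the page: 14 and 7 days before expiry

def parse_warn_addrs(text):
    """Map user -> list of mail addresses from a warning address file.
    First word on a line is the user; every later '<...>' string is an
    address; a later line for the same user replaces an earlier one."""
    addrs = {}
    for line in text.splitlines():
        words = line.split()
        if not words:
            continue
        addrs[words[0]] = re.findall(r"<([^<>]*)>", line)
    return addrs

def warning_due(expire, warnings_sent, now):
    """Return 14 or 7 if that warning should go out now, else None.
    Assumption: warnings_sent is the record's warning byte, i.e. how many
    notifications were already sent, so it indexes the schedule and the
    daily run never repeats a warning. An expired account gets none."""
    if expire is None or warnings_sent >= len(WARN_DAYS):
        return None
    remaining = expire - now
    if remaining <= 0:
        return None
    threshold = WARN_DAYS[warnings_sent]
    return threshold if remaining <= threshold * DAY else None

def purgatory_seconds(failed):
    """Lockout length after 'failed' consecutive failures: when the count
    reaches a multiple of ten the account is disabled for that many seconds."""
    return failed if failed > 0 and failed % 10 == 0 else 0

# Constructed sample address file (not real data); 'glenda' appears twice,
# so only the second line counts for her.
SAMPLE = (
    "glenda Glenda <glenda@example.com>\n"
    "bob <bob@example.com> <bob@alt.example>\n"
    "glenda <glenda-new@example.com>\n"
)

if __name__ == "__main__":
    now = int(time.time())
    for user, mail in parse_warn_addrs(SAMPLE).items():
        print(user, mail, warning_due(now + 13 * DAY, 0, now))
```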
Encrypted key file for the Plan 9 database.
Encrypted key file for the SecureNet database.
List of users in the Plan 9 database.
List of users in the SecureNet database.
The non-volatile RAM on the server, which holds the key used
to decrypt key files.
.B /sys/src/cmd/auth/keyfs.c
.B /sys/src/cmd/auth/warning.c