dacsinfocard

DACSINFOCARD(1)              DACS Commands Manual              DACSINFOCARD(1)



NAME
       dacsinfocard - manage InfoCard accounts

SYNOPSIS
       dacsinfocard [dacsoptions[1]]

DESCRIPTION
       This program is part of the DACS suite.

       The dacsinfocard command manages accounts that are used by the
       local_infocard_authenticate[2] authentication module. This utility
       serves a similar purpose for these authentication modules that the
       dacspasswd(1)[3] command does for its local_passwd_authenticate[4]
       module.

       Apart from their use by local_infocard_authenticate, these accounts are
       completely separate from any other accounts.

           Security
           The digest algorithm used depends on the INFOCARD_DIGEST[5]
           directive in effect.

           Plaintext PPIDs are not stored. This makes it more difficult for an
           attacker that gains access to the InfoCard account file to discover
           PPIDs.

           Only a DACS administrator should be able to successfully run this
           program from the command line. Because DACS keys and configuration
           files, including the file used to store accounts, must be
           restricted to an administrator, this will normally be the case, but
           a careful administrator will set file permissions to deny access to
           all other users. An ordinary user is able to change his own
           InfoCard registration using the dacs_infocard(8)[6] web service.

       This program is also available as a DACS web service,
       dacs_infocard(8)[6].

OPTIONS
       The dacsinfocard command recognizes these command line flags:

EXAMPLES
       To list all of the InfoCard accounts configured for the jurisdiction
       named INFOCARDS:

           % dacsinfocard -uj INFOCARDS -list
           DSS::INFOCARDS:bob managed,istatic,enabled,passwd
           DSS::INFOCARDS:alice managed,istatic,disabled,passwd

       To re-enable the alice account:

           % dacsinfocard -uj INFOCARDS -ena alice

       To test if alice's account is enabled:

           % dacsinfocard -uj INFOCARDS -test ena alice
           % echo $status
           0

       To test if there are accounts for usernames bob and carol:

           % dacsinfocard -uj INFOCARDS -test exists carol
           % echo $status
           0
           % dacsinfocard -uj INFOCARDS -test exists bob
           % echo $status
           1

       To get the private data for username bob:

           % set x=`dacsinfocard -uj INFOCARDS -pdg bob`
           % echo "$x"
           On vacation


DIAGNOSTICS
       The program exits 0 if everything was fine, and non-zero otherwise. A
       "false" outcome from the -test operation is reflected by an exit status
       of 1. An error condition is indicated by an exit status of 2.

BUGS
       As this is a relatively new and complicated feature, please test
       carefully.

SEE ALSO
       dacs_infocard(8)[6], dacsauth(1)[7], dacs_authenticate(8)[8],
       dacs_admin(8)[9], dacs.conf(5)[10], Using InfoCards With DACS[11]

AUTHOR
       Distributed Systems Software (www.dss.ca[12])

COPYING
       Copyright2003-2012 Distributed Systems Software. See the LICENSE[13]
       file that accompanies the distribution for licensing information.

NOTES
        1. dacsoptions
           http://dacs.dss.ca/man/dacs.1.html#dacsoptions

        2. local_infocard_authenticate
           http://dacs.dss.ca/man/dacs_authenticate.8.html#local_infocard_authenticate

        3. dacspasswd(1)
           http://dacs.dss.ca/man/dacspasswd.1.html

        4. local_passwd_authenticate
           http://dacs.dss.ca/man/dacs_authenticate.8.html#local_passwd_authenticate

        5. INFOCARD_DIGEST
           http://dacs.dss.ca/man/dacs.conf.5.html#INFOCARD_DIGEST

        6. dacs_infocard(8)
           http://dacs.dss.ca/man/dacs_infocard.8.html

        7. dacsauth(1)
           http://dacs.dss.ca/man/dacsauth.1.html

        8. dacs_authenticate(8)
           http://dacs.dss.ca/man/dacs_authenticate.8.html

        9. dacs_admin(8)
           http://dacs.dss.ca/man/dacs_admin.8.html

       10. dacs.conf(5)
           http://dacs.dss.ca/man/dacs.conf.5.html

       11. Using InfoCards With DACS
           http://dacs.dss.ca/man/using-infocards-with-dacs.html

       12. www.dss.ca
           http://www.dss.ca

       13. LICENSE
           http://dacs.dss.ca/man/../misc/LICENSE



DACS 1.4.28b                      02/04/2014                   DACSINFOCARD(1)