illumos: manual page: qop.5

MECH(5) Standards, Environments, and Macros MECH(5)

NAME

mech, qop - mechanism and QOP files

SYNOPSIS

/etc/gss/mech
/etc/gss/qop

DESCRIPTION

The /etc/gss/mech and /etc/gss/qop files contain tables showing installed
security mechanisms and the Quality of Protection (QOP) associated with
them, respectively. As security mechanisms are installed on the system,
entries are added to these two files. Contents of these files may be
accessed either manually or programmatically. For example, manually with
cat(1) or more(1), or programmatically with either
rpc_gss_get_mechanisms(3NSL) or rpc_gss_get_mech_info(3NSL).

The order of entries in the /etc/gss/mech file is significant: the order
should be from the most preferred to the least preferred mechanisms.

The /etc/gss/mech file contains five fields:

mechanism name

ASCII string representing the mechanism.

object identifier

RPC OID for this mechanism.

shared library

Shared library which implements the services provided by this
mechanism.

kernel module

Kernel module which implements the services provided by this
mechanism.

library options (optional field)

Optional parameters that are interpreted by the individual mechanism
with which they are associated. Specific supported options are
described in the documentation for the individual mechanism, if any.
Not all mechanisms have support for optional parameters. library
options must be enclosed in brackets ([ ]) so they may be
differentiated from the optional kernel module entries.

The /etc/gss/qop file contains three fields:

QOP string
Name, in ASCII, of this Quality of Protection.

QOP value
Numeric value by which RPC identifies this QOP.

mechanism name
ASCII string representing the mechanism with which
this QOP is associated.

EXAMPLES

Example 1: A Typical Entry in /etc/gss/mech

This is a typical entry in a /etc/gss/mech file:

kerberosv5 1.2.840.113554.1.2.2 mech_krb5.so kmech_krb5

Example 2: A Typical Entry in /etc/gss/qop