All Packages  Class Hierarchy  This Package  Previous  Next  Index

Interface com.sgi.sysadm.util.PrivBroker

public interface PrivBroker
PrivBroker provides an interface that clients use to access privileged commands. Commands can be checked, added, and run.

For more information on privileges, see the following Irix man pages:

PrivBroker instances are normally obtained via HostContext.

All of the runPriv methods return a java.lang.Process. All further interaction with the privileged command, including error handling, happens with the Process.

checkPrivs will succeed if the user is privileged or if the correct root password was passed to setPassword. Similarly, runPriv will actually run the privileged command if the user is privileged or if the correct root password was passed to setPassword. If neither of these conditions are met, the runpriv(1M) command will exit with a non-zero exit status without executing the privileged command. The caller can detect this situation by monitoring the Process returned by runPriv.

addPrivs will only succeed if the correct root password was passed to setPassword.

See Also:
HostContext, Process

Variable Index

 o REASON_NO_SUCH_PRIV
When the user has referenced a privilege that does not exist, REASON_NO_SUCH_PRIV is returned by ResultEvent.getResult in failed callbacks to the ResultListener passed to checkPrivs or addPrivs.
 o REASON_NOT_PRIVILEGED
When the user is not privileged to perform a requested operation, REASON_NOT_PRIVILEGED is returned by ResultEvent.getResult in failed callbacks to the ResultListener passed to checkPrivs or addPrivs.

Method Index

 o addPrivs(String[], String, ResultListener)
Add a set of privileges for the user.
 o checkPassword(ResultListener)
Check that the current password (set via setPassword) is valid.
 o checkPrivs(String[], ResultListener)
Check to see if we have a set of privileges.
 o runPriv(String, AttrBundle)
Run a privileged command with arguments derived from an AttrBundle.
 o runPriv(String, String)
Run a privileged command with arguments parsed from a String.
 o runPriv(String, String[])
Run a privileged command with an array of String arguments.
 o setPassword(String)
Set the password to be used in subsequent runPriv, checkPrivs, or addPrivs calls.

Variables

 o REASON_NOT_PRIVILEGED
 public static final Object REASON_NOT_PRIVILEGED
When the user is not privileged to perform a requested operation, REASON_NOT_PRIVILEGED is returned by ResultEvent.getResult in failed callbacks to the ResultListener passed to checkPrivs or addPrivs.

 o REASON_NO_SUCH_PRIV
 public static final Object REASON_NO_SUCH_PRIV
When the user has referenced a privilege that does not exist, REASON_NO_SUCH_PRIV is returned by ResultEvent.getResult in failed callbacks to the ResultListener passed to checkPrivs or addPrivs.

Methods

 o setPassword
 public abstract void setPassword(String password)
Set the password to be used in subsequent runPriv, checkPrivs, or addPrivs calls.

password is the plain-text root password. It is used in conjunction with the -auth argument to runpriv (see the runpriv(1M) Irix man page).

setPassword does not check the validity of password. Use checkPassword to determine whether password is valid.

Parameters:
password - Password to be used in subsequent calls.
 o checkPassword
 public abstract void checkPassword(ResultListener listener)
Check that the current password (set via setPassword) is valid.

Parameters:
listener - Gets notified with the result of the check.
 o runPriv
 public abstract Process runPriv(String privilege,
                                 String args)
Run a privileged command with arguments parsed from a String.

Parameters:
privilege - Privilege to run.
args - Arguments to the privileged command.
Returns:
Process representing the privileged command.
 o runPriv
 public abstract Process runPriv(String privilege,
                                 String args[])
Run a privileged command with an array of String arguments.

Parameters:
privilege - Privilege to run.
args - Arguments to the privileged command.
Returns:
Process representing the privileged command.
 o runPriv
 public abstract Process runPriv(String privilege,
                                 AttrBundle args)
Run a privileged command with arguments derived from an AttrBundle. The command line will look like this:

runpriv privilege key0=value0 key1=value1 ...

where the key and value arguments are the keys and values of the Attributes in the AttrBundle args.

For more detail on how command line arguments are passed, see the C header file:
/usr/include/sysadm/SaParam.h

Parameters:
privilege - Privilege to run.
args - Arguments to the privileged command.
Returns:
Process representing the privileged command.
 o checkPrivs
 public abstract void checkPrivs(String privs[],
                                 ResultListener listener)
Check to see if we have a set of privileges. checkPrivs will fail if any of the privs is missing from the user's set of privileges.

Parameters:
privs - Set of privileges to check.
listener - Gets notified of the result of the check.
 o addPrivs
 public abstract void addPrivs(String privs[],
                               String user,
                               ResultListener listener)
Add a set of privileges for the user. After privileges have been added, the user will no longer need to provide the root password to execute the privileged commands corresponding to the privileges which were added.

Parameters:
privs - Set of privileges to add.
user - user name to add privileges for.
listener - Gets notified of the result of the add.

All Packages  Class Hierarchy  This Package  Previous  Next  Index