NAME
mxauth - Systems Insight Manager Authorization file format
SYNOPSIS
mxauth
DESCRIPTION
The mxauth command supports reading and writing authorization
information in the eXtensible Markup Language (XML) format. You may
use this capability to add, or remove multiple authorizations in the
Systems Insight Manager environment. Each file may contain the
definitions of one or more authorization.
Document Type Definition
The Document Type Definition (DTD) file defines the constraints for an
XML file. These constraints include the valid element tags,
attributes, and the cardinality of elements in an XML file. The
authorization DTD file is named authlist.dtd and is included in the
following paragraph. Note that due to man page formatting, the DTD
contents may not appear the same as in the file.
<?xml version="1.0" encoding="UTF-8" ?>
<!-- READ THIS FIRST! This file is intentionally formatted with a
right margin set at 70. This allows the DTD file to be pasted
directly into the mxauth(4) man page file. Please respect this
constraint when editing this file. After edits are final for
a given release, please paste the final DTD version in the
mxauth(4) man page to keep the documentation current. -->
<!-- The authlist consists of 0 or more node-authorization or
node-group-authorization elements.
-->
<!ELEMENT auth-list ( node-authorization |
node-group-authorization )* >
<!-- The node-authorization element is an empty element with three
attributes:
The user-name attribute specifies the user name portion of the
authorization and is required.
The toolbox-name attribute specifies the toolbox name portion of the
authorization. This attribute should be specified. If neither the role name
or the toolbox name is specified the authorization is invalid. If both are
specified, only the toolbox name is used.
DEPRECATED: The role-name attribute specifies the toolbox name portion of
the authorization. This attribute provides backward compability with
previous versions of this product but should not be used. Use the
toolbox-name in its stead.
The node-name attribute specifies the node name portion of the
authorization.
-->
<!ELEMENT node-authorization EMPTY >
<!ATTLIST node-authorization user-name CDATA #REQUIRED
toolbox-name CDATA #IMPLIED
role-name CDATA #IMPLIED
node-name CDATA #REQUIRED >
<!-- The node-group-authorization element is an empty element with
three attributes:
The user-name attribute specifies the user name portion of the
authorization.
The toolbox-name attribute specifies the toolbox name portion of the
authorization. This attribute should be specified. If neither the role name
or the toolbox name is specified the authorization is invalid. If both are
specified, only the toolbox name is used.
DEPRECATED: The role-name attribute specifies the toolbox name portion of
the authorization. This attribute provides backward compability with
previous versions of this product but should not be used. Use the
toolbox-name in its stead.
The node-group-name attribute specifies the node group name
portion of the authorization
-->
<!ELEMENT node-group-authorization EMPTY >
<!ATTLIST node-group-authorization user-name CDATA #REQUIRED
toolbox-name CDATA #IMPLIED
role-name CDATA #IMPLIED
node-group-name CDATA #REQUIRED >
Elements
As defined in the DTD, the authorization XML file may contain the
following elements.
The first line of an authorization XML file should be in the following
format:
<?xml version="1.0" encoding="encoding-value" ?>
where the user substitutes a recognized encoding value for the
encoding-value parameter. The recognized encoding values may be found
at the following web site:
http://www.iana.org/assignments/character-sets
If no XML header line is specified, the system defaults encoding to
"UTF-8".
The "auth-list" element must appear once in an authorization XML file
and wraps the list of authorization information. The "auth-list"
element may contain zero or more "node-authoriztion" elements or zero
or more "node-group-authorization" elements or a combination of both.
Note that if the "auth-list" element contains no other elements, the
mxauth command will execute with no effect.
The "node-authorization" and "node-group-authorization" elements are
both empty element, that is, they contain no other elements.
Additionally, they both have three mandatory attributes.
The "user-name" attribute is mandatory and specifies the user name
associated with the authorization. The "user-name" attribute is part
of both the "node-authorization" and "node-group-authorization"
elements.
The "toolbox-name" attribute is mandatory and specifies the toolbox
name associated with the authorization. The "toolbox-name" attribute
is part of both the "node-authorization" and "node-group-
authorization" elements.
The "node-name" attribute is mandatory and specifies the node name
associated with the node authorization. The "node-name" attribute is
part of the "node-authorization" element.
The "node-group-name" attribute is mandatory and specifies the node
group name associated with the node group authorization. The "node-
group-name" attribute is part of the "node-group-authorization"
element.
Commenting
Comments may be included in XML files. The comment must begin with
the characters "<!--" and end with the characters "-->". Comments may
span multiple lines within the beginning and ending character tags.
Examples
This section contains an example of an authorization XML file.
This example shows a file containing two node authorizations and one
node group authorization. Note that XML ignores white space between
elements and attributes so the spacing in the example is arbitrary.
<?xml version="1.0" encoding="UTF-8"?>
<auth-list>
<node-authorization user-name="root"
toolbox-name="operator"
node-name="scmlin28.fc.hp.com" />
<node-authorization user-name="root"
toolbox-name="dbadmin"
node-name="scmlin28.fc.hp.com" />
<node-authorization user-name="root"
toolbox-name="Master Toolbox"
node-name="scmlin28.fc.hp.com" />
<node-group-authorization user-name="root"
toolbox-name="dbadmin"
node-group-name="group1" />
</auth-list>
LIMITATIONS
This command may only be run on the CMS.
AUTHOR
mxauth was developed by the Hewlett-Packard Company.
SEE ALSO for HP-UX
mxauth(1M), mxuser(1M), mxtoolbox(1M), mxnode(1M), mxngroup(1M)
SEE ALSO for Linux
mxauth(8), mxuser(8), mxtoolbox(8), mxnode(8), mxngroup(8)