ale -- lock and update authentication files


/tcb/bin/ale file program [ arguments ]


ale allows the authentication administrator to execute shell scripts that update authentication files while in multiuser mode. The auth subsystem and chown kernel privileges are required to run ale.

file is the absolute pathname of the authentication file to be locked during the update. program is the name of the shell script to perform the update, which must reside in the /tcb/lib/auth_scripts directory. arguments are the arguments to be passed to the script.

ale participates in the TCB locking protocol in attempting to create a lockfile named file-t. If it is successful, the shell script is executed by the Bourne shell. The script can then edit file, putting the results into file-t. If the script successfully completes its updates, it will exit with a code of 0. This signals ale to unlock the file. It renames file to file-o, file-t to file, and finally removes file-o. While the file-t is present, no other utility observing the TCB locking protocol will update file.

If the shell script cannot complete the update it should exit with a code of 1, which tells ale a problem has occurred. ale then displays an error message, removes file-t and leaves file unchanged. If the shell script finds there is no updating to be done it should exit with a code of 2, and ale removes file-t and leaves file unchanged.

To access authentication files, ale executes the shell scripts with both real and effective group IDs set to auth, and the user IDs set to the real user ID of the user who called ale.

Exit values

If ale detects an error, it displays an appropriate error message and exits with code 1. Otherwise ale returns the exit status of program.


Care should be taken when writing scripts which update authentication data. If files are incorrectly updated it could cause the system to refuse further logins.


ale checks the permissions on the complete paths of file, program and the File Control database itself against their entries in the File Control database. If any discrepancies are found, an appropriate ``may be compromised'' message (including the pathname) is displayed and an entry is written to the audit trail. integrity(ADM) and fixmog(ADM) can be used to analyze and fix the problem.


File Control database

Group file

User Authentication database

System Authentication database

See also

authcap(F), rmuser(ADM), ttyupd(ADM), unretire(ADM)

Standards conformance

ale is not part of any currently supported standard; it is an extension of AT&T System V provided by The Santa Cruz Operation, Inc.
© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003