NAME

      mxauth - Systems Insight Manager Authorization file format

SYNOPSIS

      mxauth

DESCRIPTION

      The mxauth command supports reading and writing authorization
      information in the eXtensible Markup Language (XML) format. You may
      use this capability to add, or remove multiple authorizations in the
      Systems Insight Manager environment.  Each file may contain the
      definitions of one or more authorization.

    Document Type Definition
      The Document Type Definition (DTD) file defines the constraints for an
      XML file. These constraints include the valid element tags,
      attributes, and the cardinality of elements in an XML file. The
      authorization DTD file is named authlist.dtd and is included in the
      following paragraph.  Note that due to man page formatting, the DTD
      contents may not appear the same as in the file.

      <?xml version="1.0" encoding="UTF-8" ?>

      <!-- READ THIS FIRST! This file is intentionally formatted with a
	   right margin set at 70. This allows the DTD file to be pasted
	   directly into the mxauth(4) man page file. Please respect this
	   constraint when editing this file. After edits are final for
	   a given release, please paste the final DTD version in the
	   mxauth(4) man page to keep the documentation current. -->

      <!-- The authlist consists of 0 or more node-authorization or
	   node-group-authorization elements. -->
      <!ELEMENT auth-list ( node-authorization |
			    node-group-authorization )* >

      <!-- The node-authorization element is an empty element with three
	   attributes: -->
      <!-- The role-name attribute specifies the role name portion of the
	   authorization. -->
      <!-- The user-name attribute specifies the user name portion of the
	   authorization -->
      <!-- The node-name attribute specifies the node name portion of the
	   authorization -->
      <!ELEMENT node-authorization EMPTY >
      <!ATTLIST node-authorization user-name CDATA #REQUIRED
				   role-name CDATA #REQUIRED
				   node-name CDATA #REQUIRED >

      <!-- The node-group-authorization element is an empty element with
	   three attributes: -->
      <!-- The user-name attribute specifies the user name portion of the

	   authorization -->
      <!-- The role-name attribute specifies the role name portion of the
	   authorization -->
      <!-- The node-group-name attribute specifies the node group name
	   portion of the authorization -->
      <!ELEMENT node-group-authorization EMPTY >
      <!ATTLIST node-group-authorization user-name CDATA #REQUIRED
					 role-name CDATA #REQUIRED
					 node-group-name CDATA #REQUIRED >

    Elements
      As defined in the DTD, the authorization XML file may contain the
      following elements.

      The first line of an authorization XML file should always be the
      following:
      <?xml version="1.0" encoding="UTF-8" ?>

      The "auth-list" element must appear once in an authorization XML file
      and wraps the list of authorization information. The "auth-list"
      element may contain zero or more "node-authoriztion" elements or zero
      or more "node-group-authorization" elements or a combination of both.
      Note that if the "auth-list" element contains no other elements, the
      mxauth command will execute with no effect.

      The "node-authorization" and "node-group-authorization" elements are
      both empty element, that is, they contain no other elements.
      Additionally, they both have three mandatory attributes.
      The "user-name" attribute is mandatory and specifies the user name
      associated with the authorization. The "user-name" attribute is part
      of both the "node-authorization" and "node-group-authorization"
      elements.
      The "role-name" attribute is mandatory and specifies the role name
      associated with the authorization. The "role-name" attribute is part
      of both the "node-authorization" and "node-group-authorization"
      elements.
      The "node-name" attribute is mandatory and specifies the node name
      associated with the node authorization. The "node-name" attribute is
      part of the "node-authorization" element.
      The "node-group-name" attribute is mandatory and specifies the node
      group name associated with the node group authorization. The "node-
      group-name" attribute is part of the "node-group-authorization"
      element.

    Commenting
      Comments may be included in XML files.  The comment must begin with
      the characters "<!--" and end with the characters "-->". Comments may
      span multiple lines within the beginning and ending character tags.

    Examples
      This section contains an example of an authorization XML file.
      This example shows a file containing two node authorizations and one
      node group authorization. Note that XML ignores white space between
      elements and attributes so the spacing in the example is arbitrary.

      <?xml version="1.0" encoding="UTF-8"?>
      <auth-list>
	  <node-authorization user-name="root"
			      role-name="operator"
			      node-name="scmlin28.fc.hp.com" />
	  <node-authorization user-name="root"
			      role-name="dbadmin"
			      node-name="scmlin28.fc.hp.com" />
	  <node-authorization user-name="root"
			      role-name="Master Role"
			      node-name="scmlin28.fc.hp.com" />
	  <node-group-authorization user-name="root"
				    role-name="dbadmin"
				    node-group-name="group1" />
      </auth-list>

LIMITATIONS

      This command may only be run on the CMS.

AUTHOR

      mxauth was developed by the Hewlett-Packard Company.

SEE ALSO for HP-UX

      mxauth(1M), mxuser(1M), mxrole(1M), mxnode(1M), mxngroup(1M)

SEE ALSO for Linux

      mxauth(8), mxuser(8), mxrole(8), mxnode(8), mxngroup(8)