Tom Williams (tom.williams@diversifiedsoftware.com) wrote:
: Hi! We're running HP-UX 11i on an L-Class HP9000 server. We've found
: that we need to recompile an app we're developing as we change between
: our system being untrusted and trusted. However, we're running DB2
: UDB 7.1 on the box and it can authenticate just fine when our system
: is trusted or untrusted and we don't have to recompile DB2, obviously.

interesting.

: We haven't found any good doc or guidelines on developing software on
: HP trusted and untrusted systems and user authentication. We've found
: when the system is trusted, we must use different system calls to
: perform the authentication than when the system in untrusted.

For the most part your not making system calls as section 3 calls are
library calls.

For specific documents or guidelines, I haven't found anything. There is
docs on installing and managing the systems on docs.hp.com. I guess the
best reference for programming is the varaious manpages. You can start
with authcap(4) or prpwd(4) and follow the SEE ALSO's. You should also
check out iscomsec(2) to tell if the system is trusted or not. For normal
systems then the getpwent(3C) family is the one to use.

: Where can we find info on developing apps that will authenticate users
: successfully regardless of the system being trusted or untrusted?

Manpages is the best I can come up with. use the getprpw* family of calls
for trusted and the getpw* family for non-trusted. Use iscomsec(2) to
sort out the difference.


--
Jim Hollenback
jholly@cup.hp.com
my opinion.