CHECKPRIV(1M)                                                    CHECKPRIV(1M)


NAME
     checkpriv - check to see if the current user is privileged

SYNOPSIS
     /usr/sysadm/bin/checkpriv [ -auth auth-scheme ] [-reason ] privilege [
     privilege ] ...
     /usr/sysadm/bin/checkpriv [ -auth auth-scheme ] [-reason ] -authOnly

DESCRIPTION
     checkpriv checks to see if you have been granted privilege.  If checkpriv
     indicates that you do have privilege, then runpriv(1M) would run the
     command privilege found in the directory /usr/sysadm/privbin on your
     behalf.

     checkpriv indicates that you have privilege if any one of the following
     conditions are met:

     1.   You are running as root.

     2.   There is no root password on the system.

     3.   The file /var/sysadm/defaultPrivileges/privilege exists and has the
          string "on" as its first line (see defaultPrivileges(4)).

     4.   There is an entry in the privilegedUsers(4) database granting you
          all privileges.

     5.   There is an entry in the privilege(4) database granting the
          requested privilege, and you are not an NIS user.  Multiple
          privileges can be specified with one checkpriv command.  There must
          be an entry for each privilege specified.

     6.   The -auth auth-scheme arguments are provided, and you pass the
          authentication test.  If auth-scheme is unix, then must you type the
          root password when prompted in order to pass.

     Checks 3, 4, and 5 will automatically fail if the privileges
     configuration file in /etc/config is not on (see chkconfig(1M)).

     If the -reason argument is supplied, then if checkpriv succeeds it will
     print a number corresponding to the reason that it succeeded.  The number
     printed corresponds to the numbering scheme in the preceding paragraph.

     The -authOnly argument is used to check authentication parameters without
     consulting the privilege database.  This is used to verify that
     authentication parameters are correct for operations which are not
     privileges, such as addpriv(1M).

DIAGNOSTICS
     If you have privilege, checkpriv exits with a status of 0.  Otherwise,
     checkpriv exits with a non-zero exit status.


FILES
     /var/sysadm/privilege               Privilege database
     /var/sysadm/privilegedUsers         Privileged users database
     /var/sysadm/defaultPrivileges/*     Default privileges
     /etc/config/privileges              Privilege configuration flag

SEE ALSO
     sysmgr(1M), runpriv(1M), addpriv(1M), rmpriv(1M), adddefpriv(1M),
     rmdefpriv(1M), addprivuser(1M), rmprivuser(1M), chkconfig(1M),
     privilege(4), defaultPrivileges(4), privilegedUsers(4).


                                                                        Page 2