Portions Copyright (c) 2008, 2012, Oracle and/or its affiliates. All rights reserved.
This manual page is derived from documentation obtained from the OpenSC organization (www.opensc-project.org). This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
/usr/lib/pam_pkcs11/pkcs11_inspect [debug] [config_file=filename]
pkcs11_inspect uses the pam_pkcs11 library infrastructure to obtain the content of a certificate and display it.
pkcs11_inspect uses the same configuration file and arguments as the pam_pkcs11(5) PAM module. It loads defined mapper modules, and uses them to look into the certificate for required entries, that is, ms_mapper looks for ms UPN entries, and so forth.
When a mapper module finds a proper entry in the certificate, it converts to UTF-8 and prints it to stdout.
The following options are supported:
config_file=fileame
Set the configuration file. The default value is /etc/security/pam_pkcs11/pam_pkcs11.conf.
debug
Enable debugging output.
As it uses the same configuration file as pam_pkcs11(5), all of the pam_pkcs11 options are available. Some of these options make no sense in a non-PAM environment, and are therefore ignored. Some mapper options (mapfile, ignorecase) have no effect on certificate contents, and they are ignored as well.
The following exit values are returned:
0
Successful completion. pkcs11_inspect prints on stdout all certificate contents that are found for mappers.
1
An error occurred.
Example 1 Using pkcs_inspect
The following example runs the pkcs_inspect command without any options:
% pkcs11_inspect
Example 2 Using pkcs_inspect with Options
The following example runs the pkcs_inspect command with options:
% pkcs11_inspect debug config_file=${HOME}/.pam_pkcs11.conf
/etc/security/pam_pkcs11/pam_pkcs11.conf
Juan Antonio Martinez, jonsito@teleline.es
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
Availability | library/security/pam/module/pam-pkcs11 |
Interface Stability | Uncommitted |
pklogin_finder(1), attributes(5), pam_pkcs11(5)
PAM-PKCS11 User Manual, http://www.opensc-project.org/pam_pkcs11