Provided by: dacs_1.4.28b-3ubuntu2_amd64 bug


       dacsinfocard - manage InfoCard accounts


       dacsinfocard [dacsoptions[1]]


       This program is part of the DACS suite.

       The dacsinfocard command manages accounts that are used by the
       local_infocard_authenticate[2] authentication module. This utility serves a similar
       purpose for these authentication modules that the dacspasswd(1)[3] command does for its
       local_passwd_authenticate[4] module.

       Apart from their use by local_infocard_authenticate, these accounts are completely
       separate from any other accounts.

           The digest algorithm used depends on the INFOCARD_DIGEST[5] directive in effect.

           Plaintext PPIDs are not stored. This makes it more difficult for an attacker that
           gains access to the InfoCard account file to discover PPIDs.

           Only a DACS administrator should be able to successfully run this program from the
           command line. Because DACS keys and configuration files, including the file used to
           store accounts, must be restricted to an administrator, this will normally be the
           case, but a careful administrator will set file permissions to deny access to all
           other users. An ordinary user is able to change his own InfoCard registration using
           the dacs_infocard(8)[6] web service.

       This program is also available as a DACS web service, dacs_infocard(8)[6].


       The dacsinfocard command recognizes these command line flags:


       To list all of the InfoCard accounts configured for the jurisdiction named INFOCARDS:

           % dacsinfocard -uj INFOCARDS -list
           DSS::INFOCARDS:bob managed,istatic,enabled,passwd
           DSS::INFOCARDS:alice managed,istatic,disabled,passwd

       To re-enable the alice account:

           % dacsinfocard -uj INFOCARDS -ena alice

       To test if alice's account is enabled:

           % dacsinfocard -uj INFOCARDS -test ena alice
           % echo $status

       To test if there are accounts for usernames bob and carol:

           % dacsinfocard -uj INFOCARDS -test exists carol
           % echo $status
           % dacsinfocard -uj INFOCARDS -test exists bob
           % echo $status

       To get the private data for username bob:

           % set x=`dacsinfocard -uj INFOCARDS -pdg bob`
           % echo "$x"
           On vacation


       The program exits 0 if everything was fine, and non-zero otherwise. A "false" outcome from
       the -test operation is reflected by an exit status of 1. An error condition is indicated
       by an exit status of 2.


       As this is a relatively new and complicated feature, please test carefully.


       dacs_infocard(8)[6], dacsauth(1)[7], dacs_authenticate(8)[8], dacs_admin(8)[9],
       dacs.conf(5)[10], Using InfoCards With DACS[11]


       Distributed Systems Software ([12])


       Copyright2003-2012 Distributed Systems Software. See the LICENSE[13] file that accompanies
       the distribution for licensing information.


        1. dacsoptions

        2. local_infocard_authenticate

        3. dacspasswd(1)

        4. local_passwd_authenticate


        6. dacs_infocard(8)

        7. dacsauth(1)

        8. dacs_authenticate(8)

        9. dacs_admin(8)

       10. dacs.conf(5)

       11. Using InfoCards With DACS


       13. LICENSE