Reference Guide › Utilities › secons Utility › secons Utility—Manage Resource Caching on UNIX

secons Utility—Manage Resource Caching on UNIX

Valid on UNIX

The secons utility manages resource caching (file cache) on UNIX. The cache, a runtime table, "remembers" the previous answer to an authorization request (permit or deny) for resources in the FILE class. When an identical authorization is requested, the request is answered with the last response that was stored in the cache memory tables.

This command has the following format:

secons [-C+] [-C-] [-CA value] [-CC interval] [-CD] \

[-CF value] [-CI init_value] [-CP interval] -CU value]

‑C+

Enables caching of file authorization.

‑C‑

Disables caching of file authorization.

‑CA value

Specifies the maximum number of authorization records in a table.

Default: 80

Limits: A number between 1 and 800

‑CC interval

Specifies the cache clean interval in minutes.

Default: 60

Limits: A number greater than 0

‑CD

Displays the cache table to the standard output.

‑CF value

Specifies the maximum number of file records in a table.

Default: 20

Limits: A number between 1 and 200

‑CI init_value

Specifies the initial priority value for a new record in the cache table.

Default: 10

‑CP interval

Specifies the cache priority computing interval.

Default: 1 (one record)

Limits: A number between 1 and 10

‑CU value

Specifies the maximum number of user records in a table.

Default: 50

Limits: A number between 1 and 500

Example: Change cache settings

The following example shows you how you can change settings of the cache so that the maximum number of file, user, and authorization records in the cache are 60:

secons -CF 60 -CU 60 -CA 60

Example: Display the cache table

The following example shows the output of the secons -CD command:

=============================================================================
       	FILE CACHE (configuration, statistics, and dispatcher data)
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
sizes(bytes)       tables:                | max records:      | intervals
cache   head      files    users    auth  | files users auths |clean prio
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
40244    44        5600     4200    30400 |  20    50    80   |   60   1
===========================================================================
table  |statistics        | priority    |min | rec  | average      |pri |init
name   |  hits misses (ok)| maxim  minim|ind | used | usage   life |fact|prio
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
files  |    5     1   83% |   0      0  |  0 |   1  |              |    |
users  |    5     1   83% |  10      2  |  0 |   1  |  0       0   |  1 | 10
auths  |    4     2   66% |   2         |  0 |   2  |              |    |
===========================================================================
FILE TABLE
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
No  type    pid priority user                              file name
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
0   EXPL    372      0    0                                   /etc/shadow
===========================================================================
USER TABLE
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
No   user name     prio   life   used   UID  EUID  RUID auth prev(file)next
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
0    root           2       2      7     0    0     0    0    50(   0)  50
===========================================================================
AUTHORIZATION RESULT TABLE  (R ‑ Result: 'P'‑permit, 'D'‑deny ...)
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
No  R ACEE acc  Log stage prv(usr)nxt time       terminal  program 
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
0   P   6  read  0  00036 80(  0)  1   07:48:25            /usr/bin/login
===========================================================================

The following explains the preceding output:

The output consists of five parts:

• The cache configuration. It contains the following fields:
  • Size of the cache (in bytes)
  • Size of the cache header (in bytes)
  • Size of the file table (in bytes)
  • Size of the user table (in bytes)
  • Size of the results table (in bytes)
  • The maximum number of file records
  • The maximum number of user records
  • The maximum number of result records
  • Statistic: hits in the table
• The table of file records. It contains the following fields:
  • Sequential number of the record
  • Type of the file (EXPLICIT, IMPLICIT)
  • Process ID number
  • Priority of the record, is sum of its users priorities
  • Appropriate user record number in the table of users
  • Name of the file
• The table of users. It contains the following fields:
  • Sequential number of the record
  • User name
  • Priority of the record
  • Record lifetime counter
  • Record usage counter
  • User ID; user effective ID; really used by security ID
  • Appropriate authorization record number in the table of authorization
  • Previous user record number in the chain of users
  • Appropriate file record number
  • Next user record in the chain of users
• The table of authorization results. It contains the following fields:
  • Terminal
  • Stage
  • Granted stage
  • Result - authorization result (P or D)
  • ACEE number
  • Access type
  • Logging options flag value
  • The stage number the decision was made
  • Previous authorization record number in the chain of records
• Appropriate user record number
  • Next authorization record number in the chain of records
  • Statistic: the number of missed records in the table
  • Authorization class
  • Program name (with the via parameter)
  • Notification string
  • Update time (GMT)
• Dispatcher Data. It contains the following fields:
  • Statistic: number of missed records in the table
  • Statistic: number of hits in the table
  • Maximum priority in a table
  • Minimum priority in a table
  • Number of entries with minimum priority
  • Number of used records
  • Average usage (only for users table)
  • Average life (only for users table)
  • Priority calculation factor (only for users table)
  • Initial value of the record priority (only for users table)