Previous Topic: secons Utility—Manage Concurrent Login OptionsNext Topic: secons Utility—Shut Down CA ControlMinder on Windows


secons Utility—Manage Resource Caching on UNIX

Valid on UNIX

The secons utility manages resource caching (file cache) on UNIX. The cache, a runtime table, "remembers" the previous answer to an authorization request (permit or deny) for resources in the FILE class. When an identical authorization is requested, the request is answered with the last response that was stored in the cache memory tables.

This command has the following format:

secons [-C+] [-C-] [-CA value] [-CC interval] [-CD] \
[-CF value] [-CI init_value] [-CP interval] -CU value]
‑C+

Enables caching of file authorization.

‑C‑

Disables caching of file authorization.

‑CA value

Specifies the maximum number of authorization records in a table.

Default: 80

Limits: A number between 1 and 800

‑CC interval

Specifies the cache clean interval in minutes.

Default: 60

Limits: A number greater than 0

‑CD

Displays the cache table to the standard output.

‑CF value

Specifies the maximum number of file records in a table.

Default: 20

Limits: A number between 1 and 200

‑CI init_value

Specifies the initial priority value for a new record in the cache table.

Default: 10

‑CP interval

Specifies the cache priority computing interval.

Default: 1 (one record)

Limits: A number between 1 and 10

‑CU value

Specifies the maximum number of user records in a table.

Default: 50

Limits: A number between 1 and 500

Example: Change cache settings

The following example shows you how you can change settings of the cache so that the maximum number of file, user, and authorization records in the cache are 60:

secons -CF 60 -CU 60 -CA 60

Example: Display the cache table

The following example shows the output of the secons -CD command:

=============================================================================
       	FILE CACHE (configuration, statistics, and dispatcher data)
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
sizes(bytes)       tables:                | max records:      | intervals
cache   head      files    users    auth  | files users auths |clean prio
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
40244    44        5600     4200    30400 |  20    50    80   |   60   1
===========================================================================
table  |statistics        | priority    |min | rec  | average      |pri |init
name   |  hits misses (ok)| maxim  minim|ind | used | usage   life |fact|prio
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
files  |    5     1   83% |   0      0  |  0 |   1  |              |    |
users  |    5     1   83% |  10      2  |  0 |   1  |  0       0   |  1 | 10
auths  |    4     2   66% |   2         |  0 |   2  |              |    |
===========================================================================
FILE TABLE
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
No  type    pid priority user                              file name
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
0   EXPL    372      0    0                                   /etc/shadow
===========================================================================
USER TABLE
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
No   user name     prio   life   used   UID  EUID  RUID auth prev(file)next
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
0    root           2       2      7     0    0     0    0    50(   0)  50
===========================================================================
AUTHORIZATION RESULT TABLE  (R ‑ Result: 'P'‑permit, 'D'‑deny ...)
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
No  R ACEE acc  Log stage prv(usr)nxt time       terminal  program 
‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑
0   P   6  read  0  00036 80(  0)  1   07:48:25            /usr/bin/login
===========================================================================

The following explains the preceding output:

The output consists of five parts: