.\" $XConsortium: xauth.man /main/15 1996/12/09 17:08:01 kaleb $
.\" Copyright (c) 1993  X Consortium
.\" 
.\" Permission is hereby granted, free of charge, to any person 
.\"obtaining
.\" a copy of this software and associated documentation files (the
.\" "Software"), to deal in the Software without restriction, including
.\" without limitation the rights to use, copy, modify, merge, publish,
.\" distribute, sublicense, and/or sell copies of the Software, and to
.\" permit persons to whom the Software is furnished to do so, subject 
.\"to
.\" the following conditions:
.\" 
.\" The above copyright notice and this permission notice shall be 
.\"included
.\" in all copies or substantial portions of the Software.
.\" 
.\" THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 
.\"EXPRESS
.\" OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
.\" MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 
.\"NONINFRINGEMENT.
.\" IN NO EVENT SHALL THE X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES 
.\"OR
.\" OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR 
.\"OTHERWISE,
.\" ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE 
.\"OR
.\" OTHER DEALINGS IN THE SOFTWARE.
.\" 
.\" Except as contained in this notice, the name of the X Consortium 
.\"shall
.\" not be used in advertising or otherwise to promote the sale, use or
.\" other dealings in this Software without prior written authorization
.\" from the X Consortium.
.\" 
.\" Japanese Version Copyright (c) 1997 Kazuyuki Okamoto
.\"         all rights reserved.
.\" Translated Fri Nov 21 7:00:00 JST 1997
.\"         by Kazuyuki Okamoto <ikko-@pacific.rim.or.jp>
.TH XAUTH 1 "Release 6.3" "X Version 11"
.\".SH NAME
.SH ̾
.\"xauth \- X authority file utility
xauth \- X ǧĥե桼ƥƥ
.\".SH SYNOPSIS
.SH 
.B xauth
[ \fB\-f\fP \fIauthfile\fP ] [ \fB\-vqib\fP ] [ \fIcommand arg ...\fP ]
.\".SH DESCRIPTION
.SH 
.PP
.\"The \fIxauth\fP program is used to edit and display the authorization 
.\"information used in connecting to the X server.  This program is usually
.\"used to extract authorization records from one machine and merge them 
.\"in on another (as is the case when using remote logins or granting
.\"access to other users).  Commands (described below) may be entered
.\"interactively, on the \fIxauth\fP command line, or in scripts.  Note
.\"that this program does \fBnot\fP contact the X server except when the
.\"generate command is used.
.\"Normally \fIxauth\fP is not used to create the authority file entry in
.\"the first place; \fIxdm\fP does that.
\fIxauth\fP ץ X Ф³뤿ǧھԽɽ
ѤޤΥץ̾ 1 ĤΥޥ󤫤ǧڵϿФ
Τ˻Ѥ졢(⡼ȥ¾Υ桼˥)¾
ޥǧڵϿʻ礹Τ˻Ѥޤ˽Ҥ٤륳ޥɤ
\fIxauth\fP ޥɹԤŪץǼ¹Ԥޤ
ץ generate ޥɤȤʳ X Ф³Ƥ
\fBʤ\fP ȤդƤ̾ \fIxauth\fP Ϻǽ
ǧڥեΤǤϤޤ󡣤 \fIxdm\fP Ԥޤ
.\".SH OPTIONS
.SH ץ
.\"The following options may be used with \fIxauth\fP.  They may be given 
.\"individually (e.g., \fI\-q \-i\|\fP) or may combined (e.g., 
.\"\fI\-qi\|\fP).
Υץ \fIxauth\fP ǻѤޤץ̡Ϳ
ޤ(㤨 \fI\-q \-i\|\fP) ϡ礵Ϳޤ(㤨
\fI\-qi\|\fP)
.TP 8
.B "\-f \fIauthfile\fP"
.\"This option specifies the name of the authority file to use.  By 
.\"default,
.\"\fIxauth\fP will use the file specified by the XAUTHORITY environment 
.\"variable
.\"or \fI\.Xauthority\fP in the user's home directory.
ΥץϻѤǧڥե̾ΤꤷޤɸǤϡ
\fIxauth\fP  XAUTHORITY Ķѿϥ桼Υۡǥ쥯ȥ
\fI\.Xauthority\fP ǻꤷեѤޤ
.TP 8
.B \-q
.\"This option indicates that \fIxauth\fP should operate quietly and not 
.\"print
.\"unsolicited status messages.  This is the default if an \fIxauth\fP 
.\"command is
.\"is given on the command line or if the standard output is not directed 
.\"to a
.\"terminal.
Υץ \fIxauth\fP Ť˲ƯƤʤ status messages
Ϥޤ\fIxauth\fP Υޥɤ򥳥ޥɹԤͿƤȡ
ɸϤü˥쥯ȤƤʤˤϡΥץɸ
ͭˤʤޤ
.TP 8
.B \-v
.\"This option indicates that \fIxauth\fP should operate verbosely and 
.\"print
.\"status messages indicating the results of various operations (e.g., how 
.\"many
.\"records have been read in or written out).  This is the default if 
.\"\fIxauth\fP
.\"is reading commands from its standard input and its standard output is
.\"directed to a terminal.
Υץ \fIxauth\fP ˾ĹɽԤ碌Τǡ
η (㤨С쥳ɤɤ߹񤭹) Ϥ򼨤ޤ
\fIxauth\fP ΥޥɤɸϤͿƤȡɸϤü
쥯ȤƤϡΥץɸͭˤʤޤ
.TP 8
.B \-i
.\"This option indicates that \fIxauth\fP should ignore any authority file
.\"locks.  Normally, \fIxauth\fP will refuse to read or edit any authority 
.\"files
.\"that have been locked by other programs (usually \fIxdm\fP or another 
.\"\fIxauth\fP).
Υץ \fIxauth\fP ĤǧڥեΥå̵뤹
ޤ̾\fIxauth\fP ¾Υץ (̾ \fIxdm\fP Ȥ¾
\fIxauth\fP) ˤåݤäǧڥեɤ߹ߤԽݤޤ
.TP 8
.B \-b
.\"This option indicates that \fIxauth\fP should attempt to break any 
.\"authority
.\"file locks before proceeding.  Use this option only to clean up stale 
.\"locks.
Υץ \fIxauth\fP ³Ԥ˥եΥåޤ
Υץ̵̣ˤʤäåˤѤƤ
.\".SH COMMANDS
.SH ޥ
.\"The following commands may be used to manipulate authority files:
ΥޥɤǧڥեΤ˻Ȥޤ:
.TP 8
.B "add \fIdisplayname protocolname hexkey"
.\"An authorization entry for the indicated display using the given 
.\"protocol
.\"and key data is added to the authorization file.  The data is specified 
.\"as
.\"an even-lengthed string of hexadecimal digits, each pair representing 
.\"one octet.  The first digit of each pair gives the most significant 4 
.\"bits
.\"of the octet, and the second digit of the pair gives the least 
.\"significant 4
.\"bits.  For example, a 32 character hexkey would represent a 128-bit 
.\"value.
.\"A protocol name consisting of just a 
.\"single period is treated as an abbreviation for 
.\"\fIMIT-MAGIC-COOKIE-1\fP.
ͿץȥȥǡѤꤷǥץ쥤Ѥǧ
ȥ
ǧڥեɲäޤǡ 16 ʿζĹʸǤ줾
ƥåȤΥڥɽޤ줾ΥڥκǽηϥƥåȤƬ 4 
ӥåȤ̣ƤƼηϻĤ 4 ӥåȤ̣Ƥޤ㤨С
32 ʸ hexkey  128 ӥåȤ̣ͤƤޤ
ץȥ̾Τñ 1 ĤΥԥꥪɤǹƤϡ
\fIMIT-MAGIC-COOKIE-1\fP ξάǤ

.TP 8
.B "generate \fIdisplayname protocolname\fP 
\fR[\fPtrusted|untrusted\fR]\fP"
.B \fR[\fPtimeout \fIseconds\fP\fR]\fP  \fR[\fPgroup 
\fIgroup-id\fP\fR]\fP \fR[\fBdata \fIhexdata\fR]

.\"This command is similar to add.  The main difference is that instead
.\"of requiring the user to supply the key data, it connects to the
.\"server specified in \fIdisplayname\fP and uses the SECURITY extension
.\"in order to get the key data to store in the authorization file.  If
.\"the server cannot be contacted or if it does not support the SECURITY
.\"extension, the command fails.  Otherwise, an authorization entry for
.\"the indicated display using the given protocol is added to the
.\"authorization file.  A protocol name consisting of just a single
.\"period is treated as an abbreviation for \fIMIT-MAGIC-COOKIE-1\fP.
Υޥɤ add ˻Ƥޤʰ㤤ϥǡͿդ
桼ɬפˤʤ뤳Ȥǡ\fIdisplayname\fP ǻꤷФ³
ǧڥեˤ륭ǡ٤ SECURITY ǽĥȤޤ
Ф³ǤʤȤSECURITY ǽĥѤǤʤϡ
ޥɤϼԤޤ¾ˤϡͿץȥȤꤷǥץ쥤
Ѥǧڥȥǧڥեɲäޤ
ץȥ̾Τñ 1 ĤΥԥꥪɤǹƤϡ
\fIMIT-MAGIC-COOKIE-1\fP ξάǤ

.\"If the \fBtrusted\fP option is used, clients that connect using this
.\"authorization will have full run of the display, as usual.  If
.\"\fBuntrusted\fP is used, clients that connect using this authorization
.\"will be considered untrusted and prevented from stealing or tampering
.\"with data belonging to trusted clients.  See the SECURITY extension
.\"specification for full details on the restrictions imposed on
.\"untrusted clients.  The default is \fBuntrusted\fP.
\fBtrusted\fP ץȤϡǧڤѤ³
饤ȤϤĤΤ褦ˡǥץ쥤Τ٤ƤǼ¹ԤǤޤ
\fBuntrusted\fP ѤϡǧڤȤä³륯饤Ȥ
ꤵʤꤵ줿桼λäƤǡɻߤ
ꤵʤ桼˲ݤ줿¤Τ٤Ƥξܺ٤ˤĤƤ SECURITY
ǽĥλͤɸͤ \fBuntrusted\fP Ǥ

.\"The \fBtimeout\fP option specifies how long in seconds this
.\"authorization will be valid.  If the authorization remains unused (no
.\"clients are connected with it) for longer than this time period, the
.\"server purges the authorization, and future attempts to connect using
.\"it will fail.  Note that the purging done by the server does \fBnot\fP
.\"delete the authorization entry from the authorization file.  The
.\"default timeout is 60 seconds.
\fBtimeout\fP ץϤǧڤ֤ͭñ̤ǻ
ޤǧڤδְʾѤʤޤ (饤Ȥ³ʤ) 
ϡФǧڤʹߡǧڤȤä³ϼԤޤ
ФˤǤǧڥեǧڥȥκ \fBԤʤ\fP
դƤtimeout ɸͤ 60 äǤ

.\"The \fBgroup\fP option specifies the application group that clients
.\"connecting with this authorization should belong to.  See the
.\"application group extension specification for more details.  The
.\"default is to not belong to an application group.
\fBgroup\fP ץϤǧڤ³륯饤Ȥ°륢ץ
󥰥롼פꤷޤʤܺ٤ϥץꥱ󥰥롼
ǽĥλͤɸͤϥץꥱ󥰥롼פˤ°
ޤ

.\"The \fBdata\fP option specifies data that the server should use to
.\"generate the authorization.  Note that this is \fBnot\fP the same data
.\"that gets written to the authorization file.  The interpretation of
.\"this data depends on the authorization protocol.  The \fIhexdata\fP is
.\"in the same format as the \fIhexkey\fP described in the add command.
.\"The default is to send no data.
\fBdata\fP ץϥФǧڤ뤿˻Ѥǡ
ΤǤǧڥե˽񤭹ǡƱΤǤ
\fBʤ\fPդƤΥǡβǧڥץȥ˰¸
ޤ\fIhexdata\fP  add ޥɤ˵Ҥ \fIhexkey\fP Ʊͤ
񼰤Ǥɸͤϥǡޤ

.TP 8
.B "[n]extract \fIfilename displayname..."
.\"Authorization entries for each of the specified displays are written to 
.\"the 
.\"indicated file.  If the \fInextract\fP command is used, the entries are 
.\"written
.\"in a numeric format suitable for non-binary transmission (such as secure
.\"electronic mail).  The extracted entries can be read back in using the 
.\"\fImerge\fP and \fInmerge\fP commands.  If the filename consists of 
.\"just a single dash, the entries will be written to the standard output.
ꤷǥץ쥤ǧڥȥϻꤷե˽񤭹ߤޤ
\fInextract\fP ޥɤѤ硢ǧڥȥ (ΤʤŻҥ᡼
Τ褦) ХʥǤʤ˸Ƥͤν񼰤ǽ񤫤Ƥޤ
Ф줿ȥ \fImerge\fP  \fInmerge\fP ޥɤȤäɤᤷ
Ǥޤե̾ñ 1 ĤΥϥե ('-') ǹƤϡ
ȥɸϤ˽񤭽Фޤ
.TP 8
.B "[n]list \fR[\fIdisplayname\fP...]"
.\"Authorization entries for each of the specified displays (or all if no
.\"displays are named) are printed on the standard output.  If the 
.\"\fInlist\fP
.\"command is used, entries will be shown in the numeric format used by 
.\"the \fInextract\fP command; otherwise, they are shown in a textual 
.\"format.
.\"Key data is always displayed in the hexadecimal format given in the