type TUAF_Header = packed record
                       Version : longint ;
                       Flags : longint ; // Reserved for future use
                       Encryption_Codec : TStringList_Ptr ;
                       Users : TList_Ptr ; // Users list
                       User_Names : TStringList_Ptr ; // lowercase user name list
                       Groups : TString_Ptr ; // Groups list
                       Group_Names : TStringList_Ptr ; // lowercase group name list
                   end ;

var SysUAF_File : TUOS_File = nil ;
var SysUAF_Store : TUOS_Native_File_Store = nil ;
var _SysUAF : TUOS_File_Heap = nil ;
var Users_List : TStore_List = nil ;
var Users_Names_List : TStore_String_List = nil ;
var _HAL : THAL = nil ;
var _SSC : TUOS_System_Services = nil ;

var UAF_Header : TUAF_Header ;

function Set_Sysuaf_File( F : TUOS_File ) : TUnified_Exception ;

begin
    Result := nil ;
    if( _SysUAF = nil ) then
    begin
        _SysUAF := TUOS_File_Heap.Create ;
        _SysUAF._File := F ;
    end ;
    if( _SysUAF.Origin = 0 ) then // Need to initialize SYSUAF.DAT
    begin
        fillchar( UAF_Header, sizeof( UAF_Header ), 0 ) ;
        Users_List := Create_Store_List( _SysUAF, 8 ) ;
        UAF_Header.Users := Users_List.Address ;
        Users_List.Count := 8 ;
        Users_List.Detach ;
        Users_Names_List := Create_Store_String_List( _SysUAF, 8 ) ;
        UAF_Header.User_Names := Users_Names_List.Address ;
        Users_Names_List.Count := 8 ;
        Users_Names_List.Detach ;
        _SysUAF.Origin := _SysUAF.Getmem( sizeof( UAF_Header ) ) ;
        _SysUAF.Write_Data( UAF_Header, _SysUAF.Origin, sizeof( UAF_Header ), Result ) ;
        if( Result <> nil ) then
        begin
            exit ;
        end ;
    end ;

    // Load header...
    _SysUAF.Read_Data( UAF_Header, _SysUAF.Origin, sizeof( UAF_Header ), Result ) ;
    if( Result <> nil ) then
    begin
        exit ;
    end ;
    Users_List := Get_Store_List( _SysUAF, UAF_Header.Users ) ;
    Users_Names_List := Get_Store_String_List( _SysUAF, UAF_Header.User_Names ) ;
end ; // Set_Sysuaf_File

function Get_User( UIC : longint ) : TUser ;

var A : int64 ;
    Loop : longint ;

begin
    Result := nil ;
    if( ( UIC < 0 ) or ( UIC >= Users_List.Count ) ) then // Invalid UIC
    begin
        exit ;
    end ;

    // Check for cached user...
    for Loop := 0 to Cached_Users.Count - 1 do
    begin
        Result := TUser( Cached_Users[ Loop ] ) ;
        if( Result._UIC = UIC ) then
        begin
            exit ;
        end ;
    end ; // for

    // Load user from sysUAF...
    A := Users_List[ UIC ] ;

    // Create new user (cached) instance...
    Result := TUser.Create( UIC ) ;
    if( UIC = 1 ) then
    begin
        Result.Flags := UAF_DisCtlY or UAF_Disabled ; // No interrupts and can only be run by Kernel
        Result.Privileges := -1 ;
        Result.Auth_Privileges := -1 ;
    end else
    begin
        Result.Address := A ;
    end ;
end ; // Get_User

function LC_Name_From_UIC( UIC : longint ) : string ;

begin
    if( UIC = 1 ) then
    begin
        Result := 'Startup' ;
        exit ;
    end ;
    Result := '' ;
    if( ( UIC < 1 ) or ( UIC >= Users_List.Count ) ) then // Invalid UIC
    begin
        exit ;
    end ;
    Result := Users_Names_List[ UIC ] ;
end ;


function Name_From_UIC( UIC : longint ) : string ;

var User : TUser ;

begin
    if( UIC = 1 ) then
    begin
        Result := 'Startup' ;
        exit ;
    end ;
    Result := '' ;
    if( ( UIC < 1 ) or ( UIC >= Users_List.Count ) ) then // Invalid UIC
    begin
        exit ;
    end ;
    User := Get_User( UIC ) ;
    User.Attach ;
    Result := User.Name ;
    User.Detach ;
end ;

function Add_User( Name : string ; Special : boolean ;
    UIC_Template : longint ) : longint ;

var I : int64 ;
    Loop : integer ;
    S : TUOS_String ;
    LName : string ;
    User, Template_User : TUser ;

begin
    // Sanity checks...
    Result := -1 ;
    Name := trim( Name ) ;
    if( Name = '' ) then
    begin
        exit ; // Null name not allowed
    end ;
    S := TUOS_String.Create ;
    S.Assign_From_String( Name, SF_UTF8 ) ;
    S.Lowercase ;
    LName := S.As_String ;
    S.Free ;
    if( Users_Names_List.IndexOf( LName, False ) > 0 ) then
    begin
        exit ; // Duplicate name not allowed
    end ;
    if( Users_List.Count < 8 ) then // Reserve space for special UICs
    begin
        Users_List.Count := 8 ;
        Users_Names_List.Count := 8 ;
    end ;

    // Add user...
    I := _SysUAF.Getmem( sizeof( TUAF_User ) ) ;
    if( I = 0 ) then
    begin
        exit ;
    end ;
    if( Special ) then // Special user case...
    begin
        for Loop := 2 to 7 do
        begin
            if( Users_List[ Loop ] = 0 ) then
            begin
                Result := Loop ;
                Users_List[ Result ] := I ;
                Users_Names_List[ Result ] := LName ;
                break ;
            end ;
        end ;
    end ;
    if( Result <= 0 ) then // Not added yet
    begin
        Result := Users_Names_List.Add( LName ) ;
        Users_List.Add( I ) ;
    end ;

    User := Get_User( Result ) ;
    try
        User.Attach ;
        User._UIC := Result ;
        User._Address := I ;
        User.Name := Name ;

        // Assign template values...
        if( ( UIC_Template >= 0 ) and ( UIC_Template < Users_List.Count ) ) then
        begin
            Template_User := Get_User( UIC_Template ) ;
            if( Template_User = nil ) then
            begin
                exit ; // Template not found
            end ;
            try
                Template_User.Attach ;
            finally
                Template_User.Detach ;
            end ;
            User.Flags := Template_User.Flags ;
            User.Shell := Template_User.Shell ;
            User.LGICMD := Template_User.LGICMD ;
            User.Privileges := Template_User.Privileges ;
            User.Auth_Privileges := Template_User.Auth_Privileges ;
            User.Expiration := Template_User.Expiration ;
            User.Owner := Template_User.Owner ;
            User.Priority := Template_User.Priority ;
            User.Quotas := Template_User.Quotas ;
            for Loop := 0 to Template_User.Authentication_Count - 1 do
            begin
                User.Add_Authentication( Template_User.Authentication[ Loop ] ) ;
            end ;
            for Loop := 0 to Template_User.Access_Count - 1 do
            begin
                User.Add_Access( Template_User.Access[ Loop ] ) ;
            end ;
            Template_User.Detach ;
        end ;
    finally
        User.Detach ;
    end ;
end ; // Add_User

There is more to the SysUAF module that we will cover in the future. Now, let's move to the USC and look at the way it uses the SysUAF module. The Force_Login method is called directly by the Kernel startup. All other logins eventually make their way to this function as well:

function TUSC.Force_Login( PID, UIC : cardinal ) : boolean ;

var F : TFile ;
    Loop : integer ;
    Home, S : string ;
    Str, Str1 : TString ;
    UEC : TUnified_Exception ;
    User : TUser ;

begin
    // Handle initial setup...
    if( not _Setup ) then
    begin
        // Open SysUAF.dat...
        F := FiP.Open_File( PID, '_sys0:\uos\sysuaf.dat', FM_RW or FM_Force ) ;
        if( F = nil ) then
        begin
            Set_Last_Error( FiP.Last_Error ) ;
            exit ;
        end ;
        UEC := Set_Sysuaf_File( F ) ;
        if( UEC <> nil ) then
        begin
            Set_Last_Error( UEC ) ;
            exit ;
        end ;

        // Open Accounting.dat...
        F := FiP.Open_File( PID, '_sys0:\uos\accounting.dat', FM_RW or FM_Force ) ;
        if( F = nil ) then
        begin
            Set_Last_Error( FiP.Last_Error ) ;
            exit ;
        end ;
        UEC := Set_Accounting_File( F ) ;
        if( UEC <> nil ) then
        begin
            Set_Last_Error( UEC ) ;
            exit ;
        end ;

        // Create logicals...
        Loop := 2 ;
        S := '' ;
        Str := TString.Create ;
        Str1 := TString.Create ;
        try
            while( Loop <= Max_UIC ) do
            begin
                S := LC_Name_From_UIC( Loop ) ;
                if( S <> '' ) then
                begin
                    User := Get_User( Loop ) ;
                    User.Attach ;
                    Str.P := Pchar( S ) ;
                    Str.Len := length( S ) ;
                    Home := User.Home ;
                    if( Home = '' ) then
                    begin
                        Home := 'sys:\Users\' + S ;
                    end ;
                    Str1.P := PChar( Home ) ;
                    Str1.Len := length( Home ) ;
                    SSC.Set_Symbol( LNM_System, 0, PChar( S ), Str1 ) ;
                    User.Detach ;
                end ;
                inc( Loop ) ;
            end ;
        finally
            Str.Free ;
            Str1.Free ;
        end ;

        _Setup := True ;
    end ; // if( not _Setup )

// Sanity checks.. Result := False ; // Assume success if( ( PID = 0 ) or ( UIC = 0 ) ) then begin Result := True ; Set_Error( UOS_User_Security_Error_Invalid_Context ) ; exit ; end ; // Set on each login to ensure the latest values are set... Set_SSC( SSC ) ; Set_HAL( _HAL ) ; // Do the login User := Get_User( UIC ) ; if( User = nil ) then begin Result := True ; Set_Error( UOS_User_Security_Error_Unknown_User ) ; exit ; end ; User.Attach ; Logged_In_Users.Add( UIC ) ; end ; // TUSC.Force_Login