Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Default system users
Operating Systems AIX Default system users Post 302221949 by jim mcnamara on Tuesday 5th of August 2008 02:28:03 PM
Old 08-05-2008
lp allows you to use printers, so if you want to allow users to print using lp then don't block the user.

Each of those has a use, like sshd for being able to connect using ssh, for example.

What makes you require that they have to be locked?
 

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

AIX Unix.. number of users on system in a particular group

Does anyone know what pipe string might be used to determine how many people are logged onto an AIX system where a group ID begins with lets say 4. In other words, I am looking to query the system for the number of people currently logged onto a system that belong to any group starting with 4.... (1 Reply)
Discussion started by: afiore
1 Replies

2. UNIX for Dummies Questions & Answers

Find users using system(List them only once)

Hey, got a few questions here for anyone who can help...... Command line to - display users using the system, but count them only once. Command line to - use the lastcomm command to display how many times ive used grep in october. Command line to - list all logged on users with at least 6... (3 Replies)
Discussion started by: xBuRnTx
3 Replies

3. Shell Programming and Scripting

How can i use system users in perl for login page

Hi, I want to code a script with perl. For this, I need some knowledge. How can i use system user name(with group) and password in my login page? I will be happy if you can help me (2 Replies)
Discussion started by: tahsinaltay
2 Replies

4. Shell Programming and Scripting

Bash Help: users who are not logged into the system to display

A Newbie here, I am working on a script and am having problems with the else part of the script. I can't get the users who are not logged into the system to display on the screen with their username and the text "The user is not logged in". I am sure it is something simple and stupid, but I... (5 Replies)
Discussion started by: rchirico
5 Replies

5. UNIX for Advanced & Expert Users

Best practices with AIX system users?

All, Preliminaries: AIX 5.2 Tivoli Maestro 6.1 (9.2) I am auditing an older AIX system. As it stands, I can login remotely to the system using the Maestro application's user account. This is BAD. The administrator claims that he cannot disable the remote login, because it will... (1 Reply)
Discussion started by: Thatto
1 Replies

6. Emergency UNIX and Linux Support

List of users on an AIX system

Is there a way to generate a list of users with name, user ID, and Security Group? It is urgent for audit purposes. Please help. (5 Replies)
Discussion started by: ggayathri
5 Replies

7. Homework & Coursework Questions

Find out the System users

Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted! 1. The problem statement, all variables and given/known data: I want to create a file called Allusers that contains the list of currently logged on users and the total number... (2 Replies)
Discussion started by: ahm2008
2 Replies

8. UNIX for Dummies Questions & Answers

List system users and..

Hello i need fast help... script which will list only human users from /etc/passwd and find out if they have something in home. Thanks (11 Replies)
Discussion started by: mentoscz
11 Replies

9. UNIX for Dummies Questions & Answers

Users logged into the system

So I'm trying to write a single line command So I have to use last first in this command and I've figured out the format my professor wants it in, something like thislast | cut -d' ' -f1,15 | sort > check | uniq -c.... and I never can get it right, when I just last command I get something... (2 Replies)
Discussion started by: DoubleAlpha
2 Replies

LEARN ABOUT CENTOS

cronjob_selinux

cronjob_selinux(8)					      SELinux Policy cronjob						cronjob_selinux(8)

NAME

       cronjob_selinux - Security Enhanced Linux Policy for the cronjob processes

DESCRIPTION

       Security-Enhanced Linux secures the cronjob processes via flexible mandatory access control.

       The  cronjob  processes execute with the cronjob_t SELinux type. You can check if you have these processes running by executing the ps com-
       mand with the -Z qualifier.

       For example:

       ps -eZ | grep cronjob_t

ENTRYPOINTS

       The cronjob_t SELinux type can be entered via the user_cron_spool_t, shell_exec_t file types.

       The default entrypoint paths for the cronjob_t domain are the following:

       /var/spool/at(/.*)?,  /var/spool/cron,  /bin/d?ash,  /bin/zsh.*,  /bin/ksh.*,  /usr/bin/d?ash,  /usr/bin/zsh.*,	/usr/bin/ksh.*,  /bin/esh,
       /bin/mksh,  /bin/sash,  /bin/tcsh,  /bin/yash, /bin/bash, /bin/fish, /bin/bash2, /usr/bin/esh, /usr/bin/sash, /usr/bin/tcsh, /usr/bin/yash,
       /usr/bin/fish,  /usr/bin/mksh,	/usr/bin/bash,	 /sbin/nologin,   /usr/sbin/sesh,   /usr/bin/bash2,   /usr/sbin/smrsh,	 /usr/bin/scponly,
       /usr/sbin/nologin, /usr/libexec/sesh, /usr/sbin/scponlyc, /usr/bin/git-shell, /usr/libexec/git-core/git-shell

PROCESS TYPES

       SELinux defines process types (domains) for each process running on the system

       You can see the context of a process using the -Z option to ps

       Policy  governs the access confined processes have to files.  SELinux cronjob policy is very flexible allowing users to setup their cronjob
       processes in as secure a method as possible.

       The following process types are defined for cronjob:

       cronjob_t

       Note: semanage permissive -a cronjob_t can be used to make the process type cronjob_t permissive. SELinux does not deny access  to  permis-
       sive process types, but the AVC (SELinux denials) messages are still generated.

BOOLEANS

       SELinux	policy	is  customizable based on least access required.  cronjob policy is extremely flexible and has several booleans that allow
       you to manipulate the policy and run cronjob with the tightest access possible.

       If you want to deny any process from ptracing or debugging any other processes, you must  turn  on  the	deny_ptrace  boolean.  Enabled	by
       default.

       setsebool -P deny_ptrace 1

       If you want to allow all domains to use other domains file descriptors, you must turn on the domain_fd_use boolean. Enabled by default.

       setsebool -P domain_fd_use 1

       If  you	want  to  allow  all domains to have the kernel load modules, you must turn on the domain_kernel_load_modules boolean. Disabled by
       default.

       setsebool -P domain_kernel_load_modules 1

       If you want to allow all domains to execute in fips_mode, you must turn on the fips_mode boolean. Enabled by default.

       setsebool -P fips_mode 1

       If you want to enable reading of urandom for all domains, you must turn on the global_ssp boolean. Disabled by default.

       setsebool -P global_ssp 1

       If you want to allow system to run with NIS, you must turn on the nis_enabled boolean. Disabled by default.

       setsebool -P nis_enabled 1

MANAGED FILES

       The SELinux process type cronjob_t can manage files labeled with the following file types.  The paths listed  are  the  default	paths  for
       these file types.  Note the processes UID still need to have DAC permissions.

       user_home_t

	    /home/[^/]*/.+

       user_tmp_t

	    /var/run/user(/.*)?
	    /tmp/hsperfdata_root
	    /var/tmp/hsperfdata_root
	    /tmp/gconfd-.*

COMMANDS

       semanage fcontext can also be used to manipulate default file context mappings.

       semanage permissive can also be used to manipulate whether or not a process type is permissive.

       semanage module can also be used to enable/disable/install/remove policy modules.

       semanage boolean can also be used to manipulate the booleans

       system-config-selinux is a GUI tool available to customize SELinux policy settings.

AUTHOR

       This manual page was auto-generated using sepolicy manpage .

SEE ALSO

       selinux(8), cronjob(8), semanage(8), restorecon(8), chcon(1), sepolicy(8) , setsebool(8)

cronjob 							     14-06-10							cronjob_selinux(8)
All times are GMT -4. The time now is 05:55 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy