Hi all.
I have a log file that the operators monitor. This file is simply tailed -f on a screen in the ops room. I would like to know if there is anyway I can disable the keyboard from any input other than physically unpluging it. Something like a trap in the script.
The system is AIX 5.2.
... (2 Replies)
I am able to disable direct root login through telnet. But when I add the rlogin = false into the /etc/security/user file. I am unable to log in as root from ssh. I uncommented the "PermitRootLogin yes" in the sshd_config file. Still can't log in. Can anyone help? (0 Replies)
Hello,
I have AIX machine communication to mainframe machine. From AIX machine, i have to use always SSH communication. For this, i have created SSH tunnel in AIX machine and using FTP with SSH.
Now both connections are working:
1) only FTP to mainframe machine
2) create SSH and do FTP... (3 Replies)
Can someone help me disable the banner printing in AIX 6
I am using HPjetDirect Drivers. SO whenever i print anything from Oracle application, a banner is printed. like the one below
######### User: alices@hostname
##### Title: /etc/release
##### Date: Fri 17:23 Mar 27, 2009
##### ... (2 Replies)
Hi Team,
I want to either disable C-shell permanently from my system.
since the package bos.rte.shell 5.3.9.2 APPLIED Shells (bsh, ksh, csh)
contains all 3 shells, please guide me how I can remove or permanently disable cshell from my box.
I know I can rename /usr/bin/csh and disable but... (2 Replies)
I need to change the security on our AIX servers and disable telnet from all but certain IP addresses.
I have hashed the telnet line in /etc/inetd.conf and added filter rules for those IP adds to allow access on port 23, but this didn't work.
Does anyone have any ideas?
Thanks. (2 Replies)
Hi all Expertise,
I have following issue to solve,
SSL / TLS Renegotiation DoS (low) 222.225.12.13
Ease of Exploitation Moderate
Port 443/tcp
Family Miscellaneous
Following is the problem description:------------------
Description The remote service encrypts traffic using TLS / SSL and... (2 Replies)
I have disabled rlogin for root successfully , but after that i could not login to root from console and could not su to root from other users as it responded as expired account
I did not have any admin user but I have managed to recover the situation by accessing rootvg before mounting it, but... (5 Replies)
Discussion started by: majd_ece
5 Replies
LEARN ABOUT HPUX
acps.conf
acps.conf(4) Kernel Interfaces Manual acps.conf(4)NAME
acps.conf - configuration file for the Access Control Policy Switch (ACPS)
SYNOPSIS DESCRIPTION
The ACPS configuration file controls which modules are consulted for making an access control decision, the order in which the modules are
consulted, and the rules for combining their responses to return a result back to the application.
Syntax and Default Behavior
The file consists of one or more entries in the following format:
Whitespace in these entries is combined into a single blank (" ") character and removed from the beginning and end of each field. If mul-
tiple flags are specified, they should be separated with a comma character.
The individual parameters are defined as follows:
The label provides a human-readable name for the module entry.
The module name identifies the actual shared library to load to effect
the authorization decision. The module name is specified without a path or a suffix (for example, both of which are
assumed from the architecture.
The arguments are defined by the module (that is, module dependent) and are
used to provide additional configuration flexibility.
The field is used to modify the switch's behavior in interpreting the results of the module. See for more details and
possible values for this field.
The order of the entries in the acps.conf file denote the order in which the modules should be called to perform the access check. Each
entry is called in turn until an "authoritative result code" is returned. In the currently defined result code, everything except is
authoritative. Once an authoritative result code is returned by a decision provider module, the code is returned immediately to the appli-
cation. If is returned, the module is ignored and the next module is referenced.
is returned to the application if no module returns an authoritative result.
Entry Flags
In some cases, the default rules for ordering access requests and combining results do not behave as expected for a particular decision
provider module. In this case, it is possible to affect the processing of the ACPS by specifying one or more of the pre-defined flags. If
you specify multiple flags, you should separate them with a comma character.
There is currently only one flag recognized by the switch. The following flag may be specified on a per-module basis:
Short for 'non-authoritative', this flag is used for policy modules that always return
authoritative responses, even when they should not. Specifically, modifies the processing of the entry such that a return
of The effect of this is that multiple modules may be stacked with this flag, such that if any module returns then the
switch returns
EXAMPLES
The following is an example configuration file. Lines that begin with the symbol are treated as comments, and therefore ignored.
# First, attempt to satisfy access request using custom
# module, (e.g. granting all users access to a particular
# object foo, but only between 9am - 5pm). The custom
# module verifies the time and that the object matches
# the specified argument. (In this case, "foo".) If this
# module returns ACPS_DENY, keep going to the next entry
# rather than just returning deny to the application.
HP-UX RBAC : libacpm_timebased : foo : NONATTV
# If custom rule does not match, use default local RBAC
# rule processing
HP-UX RBAC : libacpm_hpux_rbac : :
SEE ALSO acps(3), acps_api(3), acps_spi(3).
acps.conf(4)