Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Disable RBAC - AIX
Operating Systems AIX Disable RBAC - AIX Post 302628301 by zaxxon on Monday 23rd of April 2012 09:05:38 AM
Old 04-23-2012
No offense - maybe explain your boss what a Trusted AIX installation means.
Taken from Help - AIX 7.1 Information Center
Quote:
...
Please note that once you choose this mode of installation, you will not be able to go back to a regular AIX environment without performing an overwrite install of regular AIX. Evaluate your need for a Trusted AIX environment before choosing this mode of install. More details about Trusted AIX can be found in the AIX publicly available documentation.
...
* login and password controlled system and network access
* user, group, and world file access permissions
* access control lists (ACLs)
* Audit subsystem
* Role Based Access Control (RBAC)

Trusted AIX builds upon these primary AIX operating system security features to further enhance and extend AIX security into the networking subsystems.
...
I had a colleague trying out Trusted AIX, it was so limited in options that the idea was just discarded.

Maybe there is a slight chance that there is an option how to turn off RBAC, but my assumption is, that it is not possible.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Disable Keyboard in AIX 5.2

Hi all. I have a log file that the operators monitor. This file is simply tailed -f on a screen in the ops room. I would like to know if there is anyway I can disable the keyboard from any input other than physically unpluging it. Something like a trap in the script. The system is AIX 5.2. ... (2 Replies)
Discussion started by: jhansrod
2 Replies

2. UNIX for Dummies Questions & Answers

Disable root for AIX 5.2

I am able to disable direct root login through telnet. But when I add the rlogin = false into the /etc/security/user file. I am unable to log in as root from ssh. I uncommented the "PermitRootLogin yes" in the sshd_config file. Still can't log in. Can anyone help? (0 Replies)
Discussion started by: james0125
0 Replies

3. AIX

disable inbound mail for AIX 5.3

Hi All, How do I disable inbound mail for AIX 5.3 server? I just need the outbound mail. It's using the native sendmail program. Thank you! (1 Reply)
Discussion started by: itik
1 Replies

4. AIX

FTP access disable in AIX

Hello, I have AIX machine communication to mainframe machine. From AIX machine, i have to use always SSH communication. For this, i have created SSH tunnel in AIX machine and using FTP with SSH. Now both connections are working: 1) only FTP to mainframe machine 2) create SSH and do FTP... (3 Replies)
Discussion started by: balareddy
3 Replies

5. AIX

Disable Banner Printing AIX ?

Can someone help me disable the banner printing in AIX 6 I am using HPjetDirect Drivers. SO whenever i print anything from Oracle application, a banner is printed. like the one below ######### User: alices@hostname ##### Title: /etc/release ##### Date: Fri 17:23 Mar 27, 2009 ##### ... (2 Replies)
Discussion started by: filosophizer
2 Replies

6. Shell Programming and Scripting

How to disable Enable/Disable Tab Key

Hi All, I have bash script, so what is sintax script in bash for Enable and Disable Tab Key. Thanks for your help.:( Thanks, Rico (1 Reply)
Discussion started by: carnegiex
1 Replies

7. AIX

How to disable/remove c-shell in aix?

Hi Team, I want to either disable C-shell permanently from my system. since the package bos.rte.shell 5.3.9.2 APPLIED Shells (bsh, ksh, csh) contains all 3 shells, please guide me how I can remove or permanently disable cshell from my box. I know I can rename /usr/bin/csh and disable but... (2 Replies)
Discussion started by: falgun6666
2 Replies

8. AIX

Allow telnet in AIX from specific IP adds, but disable for everyone else

I need to change the security on our AIX servers and disable telnet from all but certain IP addresses. I have hashed the telnet line in /etc/inetd.conf and added filter rules for those IP adds to allow access on port 23, but this didn't work. Does anyone have any ideas? Thanks. (2 Replies)
Discussion started by: Alps
2 Replies

9. Red Hat

SSL/TLS renegotiation DoS -how to disable? Is it advisable to disable?

Hi all Expertise, I have following issue to solve, SSL / TLS Renegotiation DoS (low) 222.225.12.13 Ease of Exploitation Moderate Port 443/tcp Family Miscellaneous Following is the problem description:------------------ Description The remote service encrypts traffic using TLS / SSL and... (2 Replies)
Discussion started by: manalisharmabe
2 Replies

10. AIX

AIX Disable direct root login problems

I have disabled rlogin for root successfully , but after that i could not login to root from console and could not su to root from other users as it responded as expired account I did not have any admin user but I have managed to recover the situation by accessing rootvg before mounting it, but... (5 Replies)
Discussion started by: majd_ece
5 Replies

LEARN ABOUT DEBIAN

bup-margin

bup-margin(1)						      General Commands Manual						     bup-margin(1)

NAME

       bup-margin - figure out your deduplication safety margin

SYNOPSIS

       bup margin [options...]

DESCRIPTION

       bup margin  iterates  through  all  objects  in	your  bup repository, calculating the largest number of prefix bits shared between any two
       entries.  This number, n, identifies the longest subset of SHA-1 you could use and still encounter a collision between your object ids.

       For example, one system that was tested had a collection of 11 million objects (70 GB), and bup margin returned 45.  That  means  a  46-bit
       hash  would be sufficient to avoid all collisions among that set of objects; each object in that repository could be uniquely identified by
       its first 46 bits.

       The number of bits needed seems to increase by about 1 or 2 for every doubling of the number of objects.  Since SHA-1 hashes have 160 bits,
       that  leaves 115 bits of margin.  Of course, because SHA-1 hashes are essentially random, it's theoretically possible to use many more bits
       with far fewer objects.

       If you're paranoid about the possibility of SHA-1 collisions, you can monitor your repository by running bup margin occasionally to see	if
       you're getting dangerously close to 160 bits.

OPTIONS

       --predict
	      Guess  the offset into each index file where a particular object will appear, and report the maximum deviation of the correct answer
	      from the guess.  This is potentially useful for tuning an interpolation search algorithm.

       --ignore-midx
	      don't use .midx files, use only .idx files.  This is only really useful when used with --predict.

EXAMPLE

	      $ bup margin
	      Reading indexes: 100.00% (1612581/1612581), done.
	      40
	      40 matching prefix bits
	      1.94 bits per doubling
	      120 bits (61.86 doublings) remaining
	      4.19338e+18 times larger is possible

	      Everyone on earth could have 625878182 data sets
	      like yours, all in one repository, and we would
	      expect 1 object collision.

	      $ bup margin --predict
	      PackIdxList: using 1 index.
	      Reading indexes: 100.00% (1612581/1612581), done.
	      915 of 1612581 (0.057%)

SEE ALSO

       bup-midx(1), bup-save(1)

BUP

       Part of the bup(1) suite.

AUTHORS

       Avery Pennarun <apenwarr@gmail.com>.

Bup unknown-															     bup-margin(1)
All times are GMT -4. The time now is 01:27 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy