Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Disable RBAC - AIX
Operating Systems AIX Disable RBAC - AIX Post 302628301 by zaxxon on Monday 23rd of April 2012 09:05:38 AM
Old 04-23-2012
No offense - maybe explain your boss what a Trusted AIX installation means.
Taken from Help - AIX 7.1 Information Center
Quote:
...
Please note that once you choose this mode of installation, you will not be able to go back to a regular AIX environment without performing an overwrite install of regular AIX. Evaluate your need for a Trusted AIX environment before choosing this mode of install. More details about Trusted AIX can be found in the AIX publicly available documentation.
...
* login and password controlled system and network access
* user, group, and world file access permissions
* access control lists (ACLs)
* Audit subsystem
* Role Based Access Control (RBAC)

Trusted AIX builds upon these primary AIX operating system security features to further enhance and extend AIX security into the networking subsystems.
...
I had a colleague trying out Trusted AIX, it was so limited in options that the idea was just discarded.

Maybe there is a slight chance that there is an option how to turn off RBAC, but my assumption is, that it is not possible.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Disable Keyboard in AIX 5.2

Hi all. I have a log file that the operators monitor. This file is simply tailed -f on a screen in the ops room. I would like to know if there is anyway I can disable the keyboard from any input other than physically unpluging it. Something like a trap in the script. The system is AIX 5.2. ... (2 Replies)
Discussion started by: jhansrod
2 Replies

2. UNIX for Dummies Questions & Answers

Disable root for AIX 5.2

I am able to disable direct root login through telnet. But when I add the rlogin = false into the /etc/security/user file. I am unable to log in as root from ssh. I uncommented the "PermitRootLogin yes" in the sshd_config file. Still can't log in. Can anyone help? (0 Replies)
Discussion started by: james0125
0 Replies

3. AIX

disable inbound mail for AIX 5.3

Hi All, How do I disable inbound mail for AIX 5.3 server? I just need the outbound mail. It's using the native sendmail program. Thank you! (1 Reply)
Discussion started by: itik
1 Replies

4. AIX

FTP access disable in AIX

Hello, I have AIX machine communication to mainframe machine. From AIX machine, i have to use always SSH communication. For this, i have created SSH tunnel in AIX machine and using FTP with SSH. Now both connections are working: 1) only FTP to mainframe machine 2) create SSH and do FTP... (3 Replies)
Discussion started by: balareddy
3 Replies

5. AIX

Disable Banner Printing AIX ?

Can someone help me disable the banner printing in AIX 6 I am using HPjetDirect Drivers. SO whenever i print anything from Oracle application, a banner is printed. like the one below ######### User: alices@hostname ##### Title: /etc/release ##### Date: Fri 17:23 Mar 27, 2009 ##### ... (2 Replies)
Discussion started by: filosophizer
2 Replies

6. Shell Programming and Scripting

How to disable Enable/Disable Tab Key

Hi All, I have bash script, so what is sintax script in bash for Enable and Disable Tab Key. Thanks for your help.:( Thanks, Rico (1 Reply)
Discussion started by: carnegiex
1 Replies

7. AIX

How to disable/remove c-shell in aix?

Hi Team, I want to either disable C-shell permanently from my system. since the package bos.rte.shell 5.3.9.2 APPLIED Shells (bsh, ksh, csh) contains all 3 shells, please guide me how I can remove or permanently disable cshell from my box. I know I can rename /usr/bin/csh and disable but... (2 Replies)
Discussion started by: falgun6666
2 Replies

8. AIX

Allow telnet in AIX from specific IP adds, but disable for everyone else

I need to change the security on our AIX servers and disable telnet from all but certain IP addresses. I have hashed the telnet line in /etc/inetd.conf and added filter rules for those IP adds to allow access on port 23, but this didn't work. Does anyone have any ideas? Thanks. (2 Replies)
Discussion started by: Alps
2 Replies

9. Red Hat

SSL/TLS renegotiation DoS -how to disable? Is it advisable to disable?

Hi all Expertise, I have following issue to solve, SSL / TLS Renegotiation DoS (low) 222.225.12.13 Ease of Exploitation Moderate Port 443/tcp Family Miscellaneous Following is the problem description:------------------ Description The remote service encrypts traffic using TLS / SSL and... (2 Replies)
Discussion started by: manalisharmabe
2 Replies

10. AIX

AIX Disable direct root login problems

I have disabled rlogin for root successfully , but after that i could not login to root from console and could not su to root from other users as it responded as expired account I did not have any admin user but I have managed to recover the situation by accessing rootvg before mounting it, but... (5 Replies)
Discussion started by: majd_ece
5 Replies

LEARN ABOUT OSX

perlos4005.16

PERLOS400(1)						 Perl Programmers Reference Guide					      PERLOS400(1)

NAME

       perlos400 - Perl version 5 on OS/400

DESCRIPTION

       This document describes various features of IBM's OS/400 operating system that will affect how Perl version 5 (hereafter just Perl) is
       compiled and/or runs.

       By far the easiest way to build Perl for OS/400 is to use the PASE (Portable Application Solutions Environment), for more information see
       <http://www.iseries.ibm.com/developer/factory/pase/index.html> This environment allows one to use AIX APIs while programming, and it
       provides a runtime that allows AIX binaries to execute directly on the PowerPC iSeries.

   Compiling Perl for OS/400 PASE
       The recommended way to build Perl for the OS/400 PASE is to build the Perl 5 source code (release 5.8.1 or later) under AIX.

       The trick is to give a special parameter to the Configure shell script when running it on AIX:

	 sh Configure -DPASE ...

       The default installation directory of Perl under PASE is /QOpenSys/perl.  This can be modified if needed with Configure parameter
       -Dprefix=/some/dir.

       Starting from OS/400 V5R2 the IBM Visual Age compiler is supported on OS/400 PASE, so it is possible to build Perl natively on OS/400.  The
       easier way, however, is to compile in AIX, as just described.

       If you don't want to install the compiled Perl in AIX into /QOpenSys (for packaging it before copying it to PASE), you can use a Configure
       parameter: -Dinstallprefix=/tmp/QOpenSys/perl.  This will cause the "make install" to install everything into that directory, while the
       installed files still think they are (will be) in /QOpenSys/perl.

       If building natively on PASE, please do the build under the /QOpenSys directory, since Perl is happier when built on a case sensitive
       filesystem.

   Installing Perl in OS/400 PASE
       If you are compiling on AIX, simply do a "make install" on the AIX box.	Once the install finishes, tar up the /QOpenSys/perl directory.
       Transfer the tarball to the OS/400 using FTP with the following commands:

	 > binary
	 > site namefmt 1
	 > put perl.tar /QOpenSys

       Once you have it on, simply bring up a PASE shell and extract the tarball.

       If you are compiling in PASE, then "make install" is the only thing you will need to do.

       The default path for perl binary is /QOpenSys/perl/bin/perl.  You'll want to symlink /QOpenSys/usr/bin/perl to this file so you don't have
       to modify your path.

   Using Perl in OS/400 PASE
       Perl in PASE may be used in the same manner as you would use Perl on AIX.

       Scripts starting with #!/usr/bin/perl should work if you have /QOpenSys/usr/bin/perl symlinked to your perl binary.  This will not work if
       you've done a setuid/setgid or have environment variable PASE_EXEC_QOPENSYS="N".  If you have V5R1, you'll need to get the latest PTFs to
       have this feature.  Scripts starting with #!/QOpenSys/perl/bin/perl should always work.

   Known Problems
       When compiling in PASE, there is no "oslevel" command.  Therefore, you may want to create a script called "oslevel" that echoes the level
       of AIX that your version of PASE runtime supports.  If you're unsure, consult your documentation or use "4.3.3.0".

       If you have test cases that fail, check for the existence of spool files.  The test case may be trying to use a syscall that is not
       implemented in PASE.  To avoid the SIGILL, try setting the PASE_SYSCALL_NOSIGILL environment variable or have a handler for the SIGILL.	If
       you can compile programs for PASE, run the config script and edit config.sh when it gives you the option.  If you want to remove fchdir(),
       which isn't implement in V5R1, simply change the line that says:

       d_fchdir='define'

       to

       d_fchdir='undef'

       and then compile Perl.  The places where fchdir() is used have alternatives for systems that do not have fchdir() available.

   Perl on ILE
       There exists a port of Perl to the ILE environment.  This port, however, is based quite an old release of Perl, Perl 5.00502 (August 1998).
       (As of July 2002 the latest release of Perl is 5.8.0, and even 5.6.1 has been out since April 2001.)  If you need to run Perl on ILE,
       though, you may need this older port: <http://www.cpan.org/ports/#os400> Note that any Perl release later than 5.00502 has not been ported
       to ILE.

       If you need to use Perl in the ILE environment, you may want to consider using Qp2RunPase() to call the PASE version of Perl.

AUTHORS

       Jarkko Hietaniemi <jhi@iki.fi> Bryan Logan <bryanlog@us.ibm.com> David Larson <larson1@us.ibm.com>

perl v5.16.2							    2012-10-11							      PERLOS400(1)
All times are GMT -4. The time now is 09:18 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy