11-29-2017
I agree. Have a look at /etc/shadow or wherever the credentials files are held (somewhere down /tcb/auth/files ?) where there is a file for each user. If the password is *LK* or something else that is not a random 13 character string, then they can't be logged onto anyway. In theory someone with super-user privilege could su to them without needing a password, but then they would have all privileges already.
Robin
5 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hi Gang,
Running a script in AIX 5.3. Users wanted me to add a "confirm you want to run script, enter 'y' or 'n'" kind of thing... here is what I came up with:
#!/bin/sh
myfile=`basename "$1"`
dateNow=`date "+%m.%d.%Y.%H.%M.%S"` # Get current date
mydatedfile=$myfile.$dateNow... (2 Replies)
Discussion started by: yall
2 Replies
2. Solaris
What do we need to do to harden a freshly installed solaris OS? like disable telnet, no ftp for root etc...What all services you need to stop? How to check what ports are open? etc etc....please provide all tips that come to your mind...thanks:) (5 Replies)
Discussion started by: rcmrulzz
5 Replies
3. Shell Programming and Scripting
Hi there
how can i get the result of a command to not give me its error. For example, on certain systems the 'zfs' command below is not available, but this is fine becaues I am testing against $? so i dont want to see the message " command not found" Ive tried outputting to /dev/null 2>&1 to no... (5 Replies)
Discussion started by: hcclnoodles
5 Replies
4. UNIX for Dummies Questions & Answers
Hey, I'm completely new at this and I was wondering if there is a way that I would be able to redirect the log files in a directories standard output and standard error into and excel spreadsheet in anyway?
Please remember don't use too advanced of terminology as I just started using shell... (6 Replies)
Discussion started by: killaram
6 Replies
5. UNIX for Dummies Questions & Answers
Hi Everyone,
When I runthe query in ssh shell sudo cat /etc/security/user , I see half of the users cut down from the display screen. what I want to do is using the somthing like "pop" that when I hit the enter key every time the screen should move to the next user? does some one has any idea how... (4 Replies)
Discussion started by: starter2011
4 Replies
LEARN ABOUT OSF1
convauth
convauth(8) System Manager's Manual convauth(8)
NAME
convauth - convert security authorization databases into database format
SYNOPSIS
/usr/tcb/bin/convauth [-O] [-d dblist] [-q] [-r] [-u uid] [-v] [-H]
FLAGS
-d dblist
Specifies which databases to convert. Choose one or more of the letters d, f, p, t, or v.
d - /etc/auth/system/default to /etc/auth/system/default.db
f - /etc/auth/system/files to /etc/auth/system/files.db
p - /tcb/files/auth/?/* to /tcb/files/auth.db and /var/tcb/files/auth.db
t - /etc/auth/system/ttys to /etc/auth/system/ttys.db
v - /etc/auth/system/devassign to /etc/auth/system/devassign.db
If no -d option is given, the default database list is as though -d pt were specified.
-q Suppresses non-error output.
-r Keeps all migrated user-profile entries in /tcb/files/auth.db rather than /var/tcb/files/auth.db.
-u uid Specifies the minimum general user UID. User-profile entries with uids lower than this value (default 100) are written to the
/tcb/files/auth.db file, and profile entries with UIDs greater than or equal to this value are written to the /var/tcb/files/auth.db
file.
-v Gives more verbose messages.
-O Reverts from *.db files to old-style databases. Not allowed for auth.db.
-H Prints a help messages and exits with no further processing.
DESCRIPTION
The convauth utility is used to convert existing ASCII system authorization database files to database format for faster access and
updates. In the case of the ttys and user-profile data, this greatly improves the performance of login when using enhanced security.
The convauth utility is executed by update installation scripts.
EXAMPLES
The default conversion done to convert the user profiles and terminals information:
# convauth
The same conversion explicitly showing the default databases and general user UID assumptions:
# convauth -d tp -u 100
Conversion of only the device assignment data:
# convauth -d v
RELATED INFORMATION
Commands: convuser(8), edauth(8), authck(8)
Files: authcap(4), prpasswd(4), ttys(4), default(4), devassign(4), files(4)
Security delim off
convauth(8)