Login or Register to Ask a Question and Join Our Community


HP-UX

Openspool problem when changing /etc/passwd permissions

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems HP-UX Openspool problem when changing /etc/passwd permissions
# 8  
Old 03-05-2009
You could install a shadow file or go "trusted"...
If I remember right all spooladm directories are group bin yes?

What do the other users do ( even though menu driven...) on the box? what user application is run?

The only openspool I have hands on is on an old Bull AIX4.2 and I'm sure it is BULL custom (OPENPAGE software)
And this box has only me defined except root and spooladm...
Code:
$ who -uA
spooladm    lft0        Aug 29 07:20    old       5524                  
spooladm    pts/0       Aug 29 07:20    old      32054  (:0.0)          
spooladm    pts/3       Aug 29 07:20    3:47     31538  (:0.0)          
spooladm    pts/2       Aug 29 07:20     .       31796  (:0.0)          
spooladm    pts/6       Aug 29 07:20    old      32312  (:0.0)          
spooladm    pts/4       Aug 29 07:20    old      32570  (:0.0)          
spooladm    pts/5       Aug 29 07:20    old      32828  (:0.0)          
spooladm    pts/1       Aug 29 07:20    old      33086  (:0.0)          
spooladm    pts/7       Aug 29 07:20     .       33344  (:0.0)          
vbe         pts/8       Mar  5 17:00     .       79530  (ant)   
.
.

# 9  
Old 03-05-2009
suggestion to go in trusted mode
I tried that, worked fine, helped me reach my objective, but then we realized that our backup solution, Symantec's BackupExec and its RALUS agent for Unix stopped working, as it is not compatible with HP-UX trusted mode.... It is a known issue at Symantec, and they even don't have plans to correct that.

So I'm stuck with an obsolete product (OpenSpool) that will follow best practices in security, but don't accept my workaround, and on the other hand current software that does not adhere to security best practices...

What a wonderful world !
# 10  
Old 03-06-2009
Your openspool isnt as obsolete as mine though...

Truted mode ok.. but what about /etc/shadow? There is a optionnal bundle to install
# 11  
Old 03-06-2009
ShadowPW B.01.00.00 HP-UX 11.11 Shadow Password Enablement Product
# 12  
Old 03-06-2009
ShadowPasword bundle
From your suggestion, I installed ShadowPassword bundle, which seems to be a subset of the trusted system, because it removes encrypted passwords from the /etc/passwd file and puts them in /etc/shadow, which is only readable by root.

Man this fits my need 100%, BackupExec still works, and malicious users can't make good use of /etc/passwd (ex John the Ripper).

You are a real genius, thanks for the tip!
# 13  
Old 03-06-2009
Youre welcome!
Thanks for letting us know it solved your problem
# 14  
Old 03-06-2009
BackupExec and /etc/shadow
I cheered to fast, The BackupExec console will not connect to the RALUS agent on /etc/shadow - enabled HP-UX 11.11 server...

Back to the drawing board...

I read in other forums that older builds of the BE agent, namely version 10, will work in such an environment, I'm currently trying to get a copy of that agent version.

I know that this is going backward, and not looking good for the future, but this is a current need that we want to address. Once solved, we can take better decisions for future development of our backup infrastructure...
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Red Hat

Changing windows xp passwd doetn't change smbpasswd on server

Hi All we have small network which is in work group environment.We have one Samba server for sharing data on network.My Problem is when user change his/her password on windows machine i have to manually update his smb passwd on Samba server.I want password should change automatically on... (2 Replies)
Discussion started by: Vaibhav.T
2 Replies

2. Solaris

Impact on existing users when changing passwd defaults

Hi Administering Solaris Systems - Solaris 10 mostly. If I change the /etc/default/passwd settings - E.G. to increase minimum passwd length, then what happens to existing users with passwords shorter than this. presumably they are not affected until next time they want to change password. ... (4 Replies)
Discussion started by: Mudshark
4 Replies

3. UNIX for Dummies Questions & Answers

changing directory permissions

Hi, Im getting this annoying problem on file permission when I copy a folder to a mounted external directory. the files inside the copied folders become all executable. I tried to search for ways how to undo the permission over the web but to no avail. tried this one but it doesnt change a... (2 Replies)
Discussion started by: ida1215
2 Replies

4. Shell Programming and Scripting

Changing Passwd on Many servers that is not NIS

Hi Expert, I have environment where password is locally managed, not NIS, not LDAP, not Centrally managed. In order to access to this environment I have to use Jump Box, and only from jumpbox I can login to every host. I can't login direct from inside one host within that environment to... (1 Reply)
Discussion started by: regmaster
1 Replies

5. Shell Programming and Scripting

changing the permissions

HI, I wann give permissions to a folder which contains multiple folders..... how can i give permissions to all folder at a time tat means if i give permissions to main folder it the same permissions has to take on all the folders in the main folders how can i use one command to give... (1 Reply)
Discussion started by: nani1984
1 Replies

6. Shell Programming and Scripting

HELP changing file permissions

does anyone know how to write a script that will change file permissions. because the Admin blocked me from altering any of my files im only allowed to read and i heard a script like this can bypass it but i dont know how to write it. Display current users. Display user Ids only. Display... (10 Replies)
Discussion started by: live2learn
10 Replies

7. Solaris

Passwd Changing Acting Strange

Hello. I'm getting very odd behavior when I try to change a user's password in Solaris 8. The shell, where it used to ask for a new passwd and a confirmation, now asks FOUR times, with two success message. This is what happens every time: # passwd myusername New Password: xxxxxxxx New... (2 Replies)
Discussion started by: rockusa
2 Replies

8. Solaris

problem in changing the NIS passwd

Now I face a problem in changing the NIS passwd,I have no idea,want you to help me! Today I add some user in the NIS master server ,I "vi" /etc/passwd &/etc/shadow,add user account and password by hand(shadow----no password ,only eight ":"). when finsh,I login ,system told me to input a password... (3 Replies)
Discussion started by: dlsjm
3 Replies

9. UNIX for Advanced & Expert Users

Changing permissions of a user

So I need to change the permissions of my user account. I can access the root account on the server, but don't know how to change the permissions of my user account. I was advised to try 'userconf' to see if I am part of a group, but I dunno how that works. ANyone who knows how to see the... (3 Replies)
Discussion started by: achink125
3 Replies

10. Shell Programming and Scripting

Changing Permissions

Is it possible to change the permissons for an entire directory in one shot? I'm telneting on to a linux server. ...just a beginner-- --Paul (4 Replies)
Discussion started by: pdavid
4 Replies
Login or Register to Ask a Question