Visit Our UNIX and Linux User Community

Linux and UNIX Man Pages

Test Your Knowledge in Computers #528
Difficulty: Medium
The Extended ASCII character set adds support for 128 additional characters (numbered 128 through 255) by adding 1 more bit (16 total).
True or False?
Linux & Unix Commands - Search Man Pages

devassign(4) [hpux man page]

devassign(4)						     Kernel Interfaces Manual						      devassign(4)

devassign - device assignment database file for a trusted system SYNOPSIS
The system supports a single device assignment database that contains entries for local login terminals. The format of the terminal control database file is identical to other trusted system authentication database files. For more information on the file format, see authcap(4). The file consists of keyword field identifiers and values for those fields. The keyword identifiers supported and their use include: This field specifies a comma separated list of aliases that refer to the same device defined by the entry. Use of this field avoids the need to replicate device assignment database entries for all device aliases. This field specifies the device that is described by the entry. Device types supported include: The device is assigned as a local login terminal device. This field, if specified, contains a comma separated list of user names that are permitted to use the device for login or the import/export of data. If the list is not present, all users are permitted to use the device. If the list is present, it is searched for a match by the login program to determine if the user is per- mitted to use the device. EXAMPLES
The following is an example of a device assignment database entry for a terminal device assigned as a login device: WARNINGS
Remote terminals (ptys) should not be added to the or databases. Device name formats treated as ptys by login are: where x is a letter, and y is a hex number where x is a letter, and y is a hex number HP-UX 11i Version 3 is the last release to support trusted systems functionality. AUTHOR
was developed by HP. SEE ALSO
login(1), getdvagent(3), ttys(4), authcap(4), default(4). TO BE OBSOLETED devassign(4)

Check Out this Related Man Page

default(4)						     Kernel Interfaces Manual							default(4)

default - System default database file (Enhanced Security) DESCRIPTION
The system default database is unique in that it defines system-wide global values. It is designed to provide values for users and devices at a global level so that an administrator is not required to replicate values in user or device databases when they are all the same. In addition to being easier to specify global values, it is also much easier to make a global system change if necessary. The system default database contains four types of values: System-wide values that do not have corresponding specifications in any other system database. If a system-wide value is not specified in the default database, then it is undefined. User values, which are typically specified in a protected password database file. Terminal control values, which are typically specified in the terminal control, database file. Device assignment values, which are typically specified in the device assignment database file. The field names for each value type begin with an identifying prefix. The following list of prefixes also lists the reference page that explains the associated database: d_ Defaults database field. (this reference page) t_ Terminal control database field. (ttys(4)) u_ Protected password database field. (prpasswd(4)) v_ Device assignment database field. (devassign(4)) System default parameters can be specified for fields found in the protected password, terminal control, and device assignment databases. When a specific entry is retrieved from one of these databases, a structure called ufld that contains all of the explicitly specified val- ues is provided to the caller. A second structure, called sfld, is also provided; it defines those values supplied from the system default database. Each of these structures has a corresponding flag structure called uflg and sflg respectively that indicates which fields in each structure have been specified and are valid for use. Programs honor the user-specific or device-specific value if one is provided. Otherwise, pro- grams use the system default value if one has been specified. If neither value is specified, the program may supply a reasonable default value or abort. The following fields are defined only in the defaults database: This field contains the value, measured in seconds, used to control whether a password expiration warning is given at login time. If the password expiration time contained in the user's protected password database file falls within this time interval (measured from the cur- rent system time), a warning is given. This field is a string that specifies the full path name of the program or script to call for site- specific security policy conformance decisions. This field contains the name which is set by default to the string default. This flag field is not currently used. This flag is for MLS+ compatibility only. It's ignored in DIGITAL UNIX Version 4.0. This field is an ASCII identifier of the security class supported by the system and is used for informational purposes only. The choices include a1, b1, b2, b3, c1, c2, and d. A boolean expression indicating that the password set by the administrator should be set to expire immediately. This flag controls whether auto-migration requires a password change at the time it creates the account, or whether it assumes the password was set at the present time. It also controls the forced-expiration-required action of when an administrator changes a user's password. A boolean expression indicating that the ttys database is not updated during logins. This flag (if set in the system defaults database) causes login attempts (successful or not) to skip updating the ttys database. This speeds up logins at the expense of not doing break-in evasion. A boolean expression that causes a new extended profile to be created if no extended profile exists, but there is a valid base profile. If this flag (in the system defaults database) is set, and a user attempts to log in with no extended profile, but the user does have a legit- imate BSD-style profile, an extended profile is created for that user (all defaults, except where specific information is required, like username and UID). A numeric value is seconds indicating how far into the future a user-initiated vacation can be scheduled. If either d_max_vacation_future or d_max_vacation_duration is zero, no user-initiated use of the vacationing feature is possible. This field (in the system defaults database) are zero (implicitly) as shipped. A numeric value is seconds indicating how long a user-initiated scheduled vacation can last. If either d_max_vacation_future or d_max_vacation_duration is zero, no user-initiated use of the vacationing feature is possible. This field (in the system defaults database) are zero (implicitly) as shipped. A boolean expression that SIA vouching is accepted from other authentication mechanisms. If this field is set (in the system defaults database), then other C2 mechanisms will not demand a password of their own, if another preceding SIA mechanism has already validated the user. (This is in support of mixing DCE+C2.) This does mean that the C2 password controls do not mean much (if anything) when DCE is up and in use, but is under admin control, and defaults off. It can also be desirable to set this if using S/Key or smartcard support. EXAMPLES
The following example is a typical system default database: default: :d_name=default: :d_secclass=c2: :d_boot_authenticate@: :d_audit_enable@: :d_pw_expire_warning#3456000: :u_pwd=*: :u_minchg#0:u_maxlen#10:u_exp#15724800:u_life#31449600: :u_pickpw:u_genpwd:u_restrict@:u_nullpw@: :u_genchars:u_genletters: :u_maxtries#5:u_lock: :t_logdelay#2:t_maxtries#10: :chkent: FILES
Specifies the pathname of the file. RELATED INFORMATION
Functions: getprdfent(3) Files: authcap(4), devassign(4), prpasswd(4), ttys(4) delim off default(4)

Featured Tech Videos