Difference between security files of trusted systems. (208 Views)
Reply
Advisor
OScar123
Posts: 25
Registered: ‎05-12-2011
Message 1 of 4 (208 Views)

Difference between security files of trusted systems.

Query 1:

Guys, In 11.31 what is the difference between these security files

 

/tcb/files/auth/system/default  and /etc/default/security.

 

Which one to modify for setting user default password policies.

 

Query2:

And I understand that these files are used for global setting and userdb is for per user basis, but then why am i getting this error on my trusted system.

 

server1:/#userdbget xyz
userdbget: not allowed on a Trusted System


 

 

 

Please use plain text.
Acclaimed Contributor
Dennis Handly
Posts: 24,750
Registered: ‎03-06-2006
Message 2 of 4 (202 Views)

Re: Difference between security files of trusted systems.

>userdbget: not allowed on a Trusted System

 

I don't see anything specific about userdbget(1m) and limitations.  But I guess it must only work for shadow database and not trusted.

Please use plain text.
Honored Contributor
Bill Hassell
Posts: 14,178
Registered: ‎05-29-2000
Message 3 of 4 (199 Views)

Re: Difference between security files of trusted systems.

The Trusted system database (actually, files and directories are all within /tcb. Some global settings for Trusted are in the /tcb/files/auth/system directory and some are defined in the /etc/default/security file. Individual login settings are part of the user's login file in /tcb/files/auth/[A-Za-z] directories.

 

userdbget has nothing to do with Trusted systems. But to make things complicated, the 2 security environments do use the same /etc/default/security file.

Please use plain text.
Advisor
OScar123
Posts: 25
Registered: ‎05-12-2011
Message 4 of 4 (193 Views)

Re: Difference between security files of trusted systems.

I found one link on net which say that /tcb/files/auth/system is used only by trusted system and /etc/default/security can be used in trusted as well as non trusted systems. 

 

 

 

Is it right..

 

If it is right then suppose if i set a different password expiry value in /tcb/files/auth/system as well as /etc/default/security then which one  will be effective??

Please use plain text.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation