NAME
default — system default database file for a trusted system
SYNOPSIS
/tcb/files/auth/system/default
DESCRIPTION
The system default database is unique in that it defines system-wide
global parameters for a trusted system.
It is designed to provide values for users and devices on a global
scale rather than requiring an administrator to replicate values in user or
device databases when they are all the same. In addition to being easier to
specify global values, it is also much easier to make a global system change
if necessary.
The system default database is made up of four types of values:
- system-wide parameters
These are parameters that do not have corresponding specifications in
any other trusted system database. If a system-wide parameter is not
specified in the default database, then it is undefined.
- user parameters
These parameters are typically specified in a protected password database file.
- terminal control parameters
These parameters are typically specified in the terminal control database file.
- device assignment parameters
These parameters are typically specified in the device assignment database file.
System default parameters may be specified for fields found in the protected
password, terminal control, and device assignment databases. When a specific
entry is retrieved from one of these databases, a structure called ufld,
which contains all of the explicitly specified values, is provided to the
caller. A second structure, called sfld, is also provided; it holds the
values supplied from the system default database. Each of these structures
has a corresponding flag structure, called uflg and sflg respectively, that
indicates which fields in each structure have been specified and are valid
for use.
Programs honor the user or device specific value first if one is provided.
Otherwise, the program may choose to use the system default value if one has
been specified. If neither value is specified, the program may supply a
reasonable default value or abort.
For descriptions of the specific fields provided by the protected password,
terminal control, and device assignment databases, see the corresponding
manual pages listed in the SEE ALSO section for those databases. The
following fields are unique to the system default database and cannot be
specified in any of the other system databases.
- d_name
This name is set to the string "default".
- d_boot_authenticate
This flag field indicates whether or not boot authentication is required to
boot the machine. If authentication is required, it is performed by the
system init(1M) program prior to completing system boot.
EXAMPLES
The following is an example of a typical system default database.
Refer to authcap(4) for descriptions of the file and line formats.
default:\
:d_name=default:\
:d_boot_authenticate@:\
:u_pwd=*:\
:u_minchg#0:u_maxlen#10:u_exp#15724800:u_life#31449600:\
:u_pickpw@:u_genpwd@:u_restrict@:u_nullpw@:\
:u_genchars@:u_genletters@:\
:u_maxtries#5:u_lock:\
:t_logdelay#2:t_maxtries#10:\
:chkent:
This system default database defines the four different types of values which
are supported.
First, values that can be assigned on a system-wide only basis are defined.
Boot authentication at system startup is not enabled.
Login programs will provide password expiration warnings if the password
expires in less than 604800 seconds from the current system time (this
translates into 60*60*24*7 or 7 days).
The system default database also defines numerous protected password database
default values.
Fields that begin with u_ correspond to protected password fields.
Similarly, fields starting with the t_ prefix are terminal control database
fields.
These field types are used to supply system-wide default values if a user
or device specific value is not supplied by the corresponding database.
See the appropriate manual pages listed in the SEE ALSO section for these
databases for a complete description of the applicable fields.
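The precedence rule from DESCRIPTION, applied to the entry above, as an added audit sketch in Python (not HP code and not the trusted-system library API). The names parse_entry and effective are hypothetical, the "alice" entry is constructed sample data, and the parser assumes string values contain no escaped colons.

```python
import re

# The system default entry exactly as shown in EXAMPLES on this page.
DEFAULT_ENTRY = r"""default:\
:d_name=default:\
:d_boot_authenticate@:\
:u_pwd=*:\
:u_minchg#0:u_maxlen#10:u_exp#15724800:u_life#31449600:\
:u_pickpw@:u_genpwd@:u_restrict@:u_nullpw@:\
:u_genchars@:u_genletters@:\
:u_maxtries#5:u_lock:\
:t_logdelay#2:t_maxtries#10:\
:chkent:
"""

# Constructed protected password entry for a hypothetical user "alice".
USER_ENTRY = r"""alice:u_name=alice:u_id#1001:\
:u_maxtries#3:u_lock@:\
:chkent:
"""

def parse_entry(text):
    """Return (entry_name, {field: value}) for one authcap-style entry."""
    joined = re.sub(r"\\\n", "", text).strip()   # fold continuation lines
    name, *caps = [c for c in joined.split(":") if c]
    fields = {}
    for cap in caps:
        if cap == "chkent":                       # end-of-entry marker
            continue
        if "=" in cap:                            # name=string
            key, val = cap.split("=", 1)
            fields[key] = val
        elif "#" in cap:                          # name#number
            key, val = cap.split("#", 1)
            fields[key] = int(val)
        elif cap.endswith("@"):                   # name@ : boolean false
            fields[cap[:-1]] = False
        else:                                     # bare name: boolean true
            fields[cap] = True
    return name, fields

def effective(field, user, default, fallback=None):
    """User value, else system default, else fallback (dict keys model uflg/sflg)."""
    if field in user:
        return user[field], "user"
    if field in default:
        return default[field], "system default"
    return fallback, "program fallback"
```

Calling effective("u_maxtries", ...) with the two parsed entries yields the user's 3 rather than the system-wide 5, while u_nullpw falls through to the default entry's explicit false.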
WARNINGS
HP-UX 11i Version 3 is the last release to support trusted systems
functionality.
FILES
- /tcb/files/auth/system/default
system default database file for a trusted system; see authcap(4)
- /tcb/files/auth/*/*
protected password database files; see prpwd(4)
- /tcb/files/ttys
terminal control database file; see ttys(4)
- /tcb/files/devassign
device assignment database file; see devassign(4)
AUTHOR
default was developed by HP.