Security
Showing results for 
Search instead for 
Do you mean 

Difference between security files of trusted systems.

Highlighted
Advisor

Difference between security files of trusted systems.

Query 1:

Guys, In 11.31 what is the difference between these security files

 

/tcb/files/auth/system/default  and /etc/default/security.

 

Which one to modify for setting user default password policies.

 

Query2:

And I understand that these files are used for global setting and userdb is for per user basis, but then why am i getting this error on my trusted system.

 

server1:/#userdbget xyz
userdbget: not allowed on a Trusted System


 

 

 

3 REPLIES
Acclaimed Contributor Acclaimed Contributor

Re: Difference between security files of trusted systems.

>userdbget: not allowed on a Trusted System

 

I don't see anything specific about userdbget(1m) and limitations.  But I guess it must only work for shadow database and not trusted.

Honored Contributor Honored Contributor

Re: Difference between security files of trusted systems.

The Trusted system database (actually, files and directories are all within /tcb. Some global settings for Trusted are in the /tcb/files/auth/system directory and some are defined in the /etc/default/security file. Individual login settings are part of the user's login file in /tcb/files/auth/[A-Za-z] directories.

 

userdbget has nothing to do with Trusted systems. But to make things complicated, the 2 security environments do use the same /etc/default/security file.

Advisor

Re: Difference between security files of trusted systems.

I found one link on net which say that /tcb/files/auth/system is used only by trusted system and /etc/default/security can be used in trusted as well as non trusted systems. 

 

 

 

Is it right..

 

If it is right then suppose if i set a different password expiry value in /tcb/files/auth/system as well as /etc/default/security then which one  will be effective??