topic Re: Which files on Hpux NonTrusted are updated when fired passwd -x command for an user in Operating System - HP-UX

Which files on Hpux NonTrusted are updated when fired passwd -x command for an user

Basi Reddy — Tue, 30 Mar 2010 11:29:33 GMT

I'm not able to find the files which are affected when I execute the passwd -x command on my NonTrusted Hpux machine.

OS version: B.11.11 U 9000/800 2865163845 unlimited-user license

Note: I do not have following files in the hpux machine.

/etc/shadow
/.secure/etc/passwd
/tcb/files/auth
/etc/default/security

Any help/pointer in this regard is highly appreciated.

Thank you

Re: Which files on Hpux NonTrusted are updated when fired passwd -x command for an user

Dennis Handly — Tue, 30 Mar 2010 14:15:55 GMT

If you are using the default password scheme, only /etc/passwd gets changed.
(Assuming you aren't using NIS.)

Re: Which files on Hpux NonTrusted are updated when fired passwd -x command for an user

Tingli — Tue, 30 Mar 2010 15:17:15 GMT

If you use shadow password then file /etc/shadow is changed when you run passwd -x.

See: http://docs.hp.com/en/B2355-90950/ch08s15.html

Re: Which files on Hpux NonTrusted are updated when fired passwd -x command for an user

Steven E. Protter — Tue, 30 Mar 2010 18:13:07 GMT

Shalom,

If you are getting a message like this, your system may be trusted, or possibly have a problem.

/tcb/files/auth is part of trusted syste4m infrastructure.

/etc/shadow is implemented when you install the shadow password depot available at http://software.hp.com

/etc/default/security is as the name implies the keeper of security defaults. That file needs to be on the system no matter the circumstances.

So I have to ask, what has happened to this system? It is highly inadvisable to run shadow passwords and trusted system at the same time. Each has its own authentication/storage scheme.

SEP

Re: Which files on Hpux NonTrusted are updated when fired passwd -x command for an user

Basi Reddy — Wed, 31 Mar 2010 02:25:11 GMT

Its not a NIS nor a trusted Hpux box.

Output of the passwd commands:
passwd -x 3 -n 9 test1
argument rounded up to nearest week
argument rounded up to nearest week

passwd -s test1
test1 PS 12/11/08 14 7

From passwd file
cat /etc/passwd | grep test1
test1:KciRFSYBXgr62,/0kT:107:20::/home/test1:/sbin/sh

Is the password last changed date, min and max values are encoded in the passwd file for an user?

Some of the forum threads related to the same question says /0kT in passwd file is to be decoded.

Re: Which files on Hpux NonTrusted are updated when fired passwd -x command for an user

Dennis Handly — Wed, 31 Mar 2010 04:50:21 GMT

>passwd -x 3 -n 9 test1

Any reason you want the max (-x) smaller than the min (-n)? This means the user can't change the password.

>test1:KciRFSYBXgr62,/0kT:107:20::/home/test1:/sbin/sh
>Is the password last changed date, min and max values are encoded in the passwd file for an user?

Exactly:
$ passwd_expires /0kT
Only superuser can change the password
Max weeks to expire: 1
Min weeks to reset: 2
Weeks since 1970: 2032
Password was reset on: Wed Dec 10 16:00:00 2008
Password expires on: Wed Dec 17 16:00:00 2008

I'm not sure if the other fields are valid after the "Only superuser can change the password". passwd(4) isn't clear.

Re: Which files on Hpux NonTrusted are updated when fired passwd -x command for an user

Basi Reddy — Thu, 01 Apr 2010 07:23:43 GMT

there is no significant reason for min is greater than max. Just provided an example. with different figures for min and max.

I've got the required answer from you guys.
Really appreciate your help.