/etc/default/security file

Olivier LEGRAND — Wed, 22 May 2002 09:21:35 GMT

Hi everybody,

I find no information on this file. Which criteria can I use in this file on a non-trusted-system??

Thanks for your help

Re: /etc/default/security file

Pete Randall — Wed, 22 May 2002 09:43:21 GMT

Oliver,

Try a forums search on /etc/default/security. For example, I got this link:http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x0c8b8cc5e03fd6118fff0090279cd0f9,00.html

Hope this helps,
Pete

Re: /etc/default/security file

T G Manikandan — Wed, 22 May 2002 09:46:09 GMT

check this link for
Bill Hassel's description about /etc/default/security which was introduced from 11.0 for centralized security.

http://www.interex.org/pubcontent/enterprise/jul01/09uxqa.html

THanks

Re: /etc/default/security file

T G Manikandan — Wed, 22 May 2002 09:48:10 GMT

/*
A centralized location ( /etc/default/security) for default security parameters has been cre-ated
in HP-UX 11i. Currently the login, passwd and su commands utilize this information. Each
line in the file is treated either as a comment or as configuration information for a given system
command or feature. If any parameter is not defined or is commented out in this file, the default
behavior detailed below will apply. This file must be world readable and root writable.
Parameter definitions, valid values, and defaults are defined as follows:
??? ABORT_LOGIN_ON_MISSING_HOMEDIR - This parameter controls login behavior
if a user's home directory does not exist. This is applicable only for non-root users. If
the parameter is set to one (1) the login session will exit if the user???s home directory
does not exist. If it is set to zero (0) the user will be allowed to login and his home
directory will be set to the root directory (/). The default value is zero.
??? MIN_PASSWORD_LENGTH - This parameter controls the minimum length of new
passwords. For untrusted systems it can be any value from 6 to 8. It is not applicable
to the root user on a untrusted system. For trusted systems it can be any value from 6 to
80. The default value is 6.
??? NOLOGIN - This parameter controls whether non-root login can be disabled by the /etc/
nologin file. If the value is 1, the contents of the file /etc/nologin will be displayed and
the root user will not be allowed access. If the value is 0, the presence of the file is
ignored. The default value is 0.
??? NUMBER_OF_LOGINS_ALLOWED - This parameter controls the number of logins
allowed per user. This is applicable only for non-root users. A value of zero (0) allows
unlimited logins. The default value is 0.
??? PASSWORD_HISTORY_DEPTH - This parameter controls the password history depth.
A new password is checked only against the number of most recently used passwords
stored in password history for a particular user. A user is not allowed to reuse a previ-ously
used password. The password history depth configuration is on a system basis
and is supported in trusted system. This feature does not support the users in NIS or
NISPLUS repositories. Once the feature is enabled, all the users on the system are
subject to the same check. If this parameter is not configured, the password history
check feature is automatically disabled. When the feature is disabled, the password
history check depth is set to 1. A password change is subject to all of the other rules for
a new password including a check with the current password. The default value is 1.
??? SU_ROOT_GROUP - This parameter defines the root group name for the su command.
The root group name is set to the specified symbolic group name. The su command
enforces the restriction that a non-superuser must be a member of the specified root
group in order to be allowed to su to root. This does not alter password checking. If this
parameter is not defined or if it is commented out, there is no default value. In this case,
a non-superuser is allowed to su to root without being bound by root group restrictions.
??? SU_DEFAULT_PATH - This parameter defines a new default PATH environment value
to be set when su is done. The PATH environment variable is set to new_PATH when
the su command is invoked. Other environment values are not changed. The path value
is not validated. This is applicable only when the "-" option is not used along with su
command. By default the path is not changed.
*/

Thanks

Re: /etc/default/security file

T G Manikandan — Wed, 22 May 2002 09:52:13 GMT

This link should be in a good readable format

http://devresource.hp.com/STKLI/man/11iv1.5/security_4.html

topic /etc/default/security file in Operating System - HP-UX

/etc/default/security file

Re: /etc/default/security file

Re: /etc/default/security file

Re: /etc/default/security file

Re: /etc/default/security file