topic Re: /etc/default/security in Operating System - HP-UX

/etc/default/security

Lori Burgess — Fri, 21 Jul 2006 09:39:50 GMT

I was wondering if there is a way to put exceptions into the security file. Example would be everyone but this user is allowed to only login three times?? Is this possible??

Thanks

Re: /etc/default/security

Patrick Wallek — Fri, 21 Jul 2006 09:42:58 GMT

That can't be done in /etc/default/security, BUT if the system is trusted then you can go into SAM and modify the security policies for individual users. If you want to work from the command line, you can use the modprpw command.

If you are on HP-UX 11.11 or later, 'man modprpw' for more information.

Re: /etc/default/security

Pete Randall — Fri, 21 Jul 2006 09:45:15 GMT

I don't think the security file handles exceptions like this. You would be better off to add this logic to /etc/profile, testing the user and the number of logins and exiting if more than three.

Pete

Re: /etc/default/security

Lori Burgess — Fri, 21 Jul 2006 09:48:26 GMT

Thank you for your reply! I just wanted to make sure there was no way to do this in the security file.

Re: /etc/default/security

Lori Burgess — Fri, 21 Jul 2006 09:50:51 GMT

all set thank you very much

Re: /etc/default/security

doug hosking — Wed, 26 Jul 2006 15:36:45 GMT

As previously noted, your best bet is probably to change the system defaults, then override in individual user accounts. On newer versions of HP-UX 11.23 and later, you can use userdbset to do this. If in trusted mode, the process is a bit different. (/usr/lbin/modprdef changes system defaults, while /usr/lbin/modprpw changes individual accounts. Usually you would want to manipulate these through SAM.)