BladeSystem Forums have moved here
To make BladeSystem information easier to find, we have moved the BladeSystem forums here, to Servers and Operating Systems.
Security
Showing results for 
Search instead for 
Do you mean 

Difference between security files of trusted systems.

Advisor

Difference between security files of trusted systems.

Query 1:

Guys, In 11.31 what is the difference between these security files

 

/tcb/files/auth/system/default  and /etc/default/security.

 

Which one to modify for setting user default password policies.

 

Query2:

And I understand that these files are used for global setting and userdb is for per user basis, but then why am i getting this error on my trusted system.

 

server1:/#userdbget xyz
userdbget: not allowed on a Trusted System


 

 

 

3 REPLIES
Acclaimed Contributor

Re: Difference between security files of trusted systems.

>userdbget: not allowed on a Trusted System

 

I don't see anything specific about userdbget(1m) and limitations.  But I guess it must only work for shadow database and not trusted.

Honored Contributor

Re: Difference between security files of trusted systems.

The Trusted system database (actually, files and directories are all within /tcb. Some global settings for Trusted are in the /tcb/files/auth/system directory and some are defined in the /etc/default/security file. Individual login settings are part of the user's login file in /tcb/files/auth/[A-Za-z] directories.

 

userdbget has nothing to do with Trusted systems. But to make things complicated, the 2 security environments do use the same /etc/default/security file.



Bill Hassell, sysadmin
Highlighted
Advisor

Re: Difference between security files of trusted systems.

I found one link on net which say that /tcb/files/auth/system is used only by trusted system and /etc/default/security can be used in trusted as well as non trusted systems. 

 

 

 

Is it right..

 

If it is right then suppose if i set a different password expiry value in /tcb/files/auth/system as well as /etc/default/security then which one  will be effective??