HPE Community
Operating System - HP-UX
1754019 Members
7617 Online
108811 Solutions
New Discussion

/tcb, passwd/group file(s) related question

 
SOLVED
Go to solution
john guardian
Super Advisor

‎08-09-2011 06:01 AM

‎08-09-2011 06:01 AM

/tcb, passwd/group file(s) related question

The system is 11.23 and Trusted

 

Is there any means (ie: modprpw/pwck, grpck etc) other than shell script to check/verify that all GIDs in the passwd file also exist in the group file?

 

One of the admins found a GID in a passwd file that did not exist in the /etc/group file. This system was upgraded from 11.0 to 11i-v1 then v2. Users and groups have come and gone. The system has to my knowledge always used a Trusted env.

0 Kudos
Reply
2 REPLIES 2
James R. Ferguson
Acclaimed Contributor

‎08-09-2011 06:12 AM

‎08-09-2011 06:12 AM

Solution

Re: /tcb, passwd/group file(s) related question

Hi John:

 

I'm surprised that neither 'pwck' nor 'grpck' don't discover inconsistences.  If not, a simply script to read the GID from '/etc/passwd' and query '/etc/group' would suffice.

 

Since your system is trusted, I would also run 'authck -p' (or 'pwck -s' which will do that for you).

 

Regards!

 

...JRF...

Reply
john guardian
Super Advisor

‎08-10-2011 08:01 AM

‎08-10-2011 08:01 AM

Re: /tcb, passwd/group file(s) related question

According to what the admin told me, he manually deleted a group from the /etc/group file to test. No error/missing entries info was returned.

 

I emailed him a simple script to capture the group fields of /etc/passwd and grep/uniq/compare to the group file, which worked. I thought I remembered the pw/grp-ck cmds working, but for his case, they didn't.

 

Thx!

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.