- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- to set root password expiry as NULL
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-18-2009 06:17 AM
тАО03-18-2009 06:17 AM
root PS 02/17/09 0
serverxx:/ #
The test requirement says the root password attributes should be set to NULL
I did
serverxx:/ # passwd -n 0 -x 0 -w 0 root
serverxx:/ #
Now it is
serverxx/ # passwd -s root
root PS 02/17/09 0 0
serverxx/#
I do not want to see any zeroes..any value at all..i.e., the attributes should be set to NULL...can somebody explain me how to acheive this? Thank you.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-18-2009 06:28 AM
тАО03-18-2009 06:28 AM
Re: to set root password expiry as NULL
There is a utility called vipw
It edits /etc/passwd
You can empty out the password field.
You can use sam to change the aging of the root password to not expire.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-18-2009 06:56 AM
тАО03-18-2009 06:56 AM
Re: to set root password expiry as NULL
I am Masood :-)
Here is the output with only first two lines:
serverxx:/#vipw
root:*:0:3::/:/sbin/sh
daemon:*:1:5::/:/sbin/sh
The password field has a *
In Sam->accts for users n groups->users->root/actions/security policies->passwd ageing policies is disabled already
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-18-2009 07:02 AM
тАО03-18-2009 07:02 AM
Re: to set root password expiry as NULL
I cannot anything like password expiry in sam
I do not fully understand the significance of removing the * in the /etc/passwd
I want no zeroes here
serverxx:/ # passwd -sa
root PS 02/17/09 0 0
Also..
I had been to this page
#man modprpw
:my own extracts for you..I am not sure though:
modprpw(1M) modprpw(1M)
-e This option is specified with a user name to expire the specified
user's password. It zeroes the successful change time.
May be combined with options -l, -m, -n.
Boolean values are specified as YES, NO, or DFT for system
default values (/tcb/files/auth/system/default). Numeric values
are specified as positive numbers, 0, or -1. If the value -1 is
specified, the numeric value in the database is removed, allowing
the system default value to be used. Time values are specified
in days, although the database keeps them in seconds.
No aging is present if the following 4 database parameters are
all zero: u_minchg, u_exp, u_life, u_pw_expire_warning.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-18-2009 08:58 AM
тАО03-18-2009 08:58 AM
Re: to set root password expiry as NULL
Looking at passwd man page I'm not sure what you're doing is valid:
-s name Display some password attributes associated with the
specified name. Superuser privilege and non-trusted
mode is required if the files repository is specified.
I assume you have a trusted configuration as you have an asterick in the user password field and you are looking at trusted system commands (modprpw).
HTH, Paul
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-18-2009 09:16 AM
тАО03-18-2009 09:16 AM
Re: to set root password expiry as NULL
modprpw -m mintm=0,lftm=0,exptm=0,expwarn=0 root
Maybe you should then use getprpw to check this, as opposed to passwd -s.
Info on DB fields:
mintm=value database u_minchg=(value*86400).
Set the minimum time interval between
password changes (days). 0 = none. Same as
non-trusted mode minimum time.
lftm=value database u_life.
Set password life time interval (days). 0 =
infinite.
exptm=value database u_exp=(value*86400).
Set password expiration time interval (days).
0 = expired. Same as non-trusted mode
maximum time.
expwarn=value database u_pw_expire_warning=(value*86400).
Set password expiration warning time interval
(days). 0 = none.
HTH, Paul
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-18-2009 04:43 PM
тАО03-18-2009 04:43 PM
Re: to set root password expiry as NULL
serverxx:/ # /usr/lbin/getprpw root
uid=0, bootpw=YES, audid=0, audflg=1, mintm=0, maxpwln=-1, exptm=0, lftm=-1, spwchg=Tue Feb 17 17:02:10 2009, upwchg=Tue Mar 17 16:59:08 2009, acctexp=-1, llog=-1, expwarn=0, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1, syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Thu Mar 19 00:42:15 2009, ulogint=Wed Mar 18 12:40:02 2009, sloginy=console, culogin=-1, uloginy=-1, umaxlntr=-1, alock=NO, lockout=0000000
serverxx:/ #
What does this say??
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-18-2009 09:49 PM
тАО03-18-2009 09:49 PM
SolutionA question to you would be what fields do you not understand?
getprpw(1m) lists all of the fields under -m.
It also says you can look at prpwd(4) for more details:
http://docs.hp.com/en/B2355-60130/getprpw.1M.html
http://docs.hp.com/en/B2355-60130/prpwd.4.html
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-18-2009 10:01 PM
тАО03-18-2009 10:01 PM
Re: to set root password expiry as NULL
Here is the meaning of this values.
uid user uid
bootpw boot authorization flag
audid audit id
audflg audit flag
mintm minimum time between password changes
maxpwln maximum password length
exptm password expiration time
lftm password lifetime
spwchg last successful password change time
upwchg last unsuccessful password change time
acctexp account expiration time
llog last login time interval
expwarn password expiration warning time
usrpick whether user picks password, YES/NO/DFT
syspnpw whether system generates pronounceable passwords, YES/NO/DFT
rstrpw whether password is restricted, i.e, checked for triviality, YES/NO/DFT
nullpw NULL passwords are allowed, YES/NO/DFT. Not recommended!
syschpw whether system generates passwords having characters only, YES/NO/DFT
sysltpw whether system generates passwords having letters only, YES/NO/DFT
timeod time of day allowed for login
slogint time of last successful login
ulogint time of last unsuccessful login
sloginy tty of last successful login
culogin consecutive number of unsuccessful logins so far
uloginy tty of last unsuccessful login
umaxlntr maximum unsuccessful login tries
alock administrator lock, YES if on, NO if off, DFT if not set.
lockout returns the reason for a lockout in a "bit" valued string,
where 0 = condition not present,
1 is present. The position,
for more info do man getprpw
Suraj
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-19-2009 07:50 AM
тАО03-19-2009 07:50 AM
Re: to set root password expiry as NULL
Now seeing those lines..can I say the attributes set for user root are set to NULL?