HPE Community
Operating System - HP-UX
1820202 Members
3784 Online
109620 Solutions
New Discussion юеВ

Re: how to protect /etc/passwd file from being deleted accidently ?

 
SOLVED
Go to solution
Shah Gaurang B.
Frequent Advisor

тАО10-22-2005 05:49 AM

тАО10-22-2005 05:49 AM

how to protect /etc/passwd file from being deleted accidently ?

is there any shadow concept in hp-ux 11i ? if yes pl. guide me how to set or is there any option related to protect password file for accidently remove ?

pl. guide me .

Thanks in advance to all experts
0 Kudos
Reply
7 REPLIES 7
AwadheshPandey
Honored Contributor

тАО10-22-2005 05:59 AM

тАО10-22-2005 05:59 AM

Re: how to protect /etc/passwd file from being deleted accidently ?

use chmod 555 /etc/passwd
best way to always have a backup copy of this file,

create ur system into trusted system using SAM.
link:

http://wks.uts.ohio-state.edu/sysadm_course/html/sysadm-240.html

It's kind of fun to do the impossible
0 Kudos
Reply
Ranjith_5
Honored Contributor

тАО10-22-2005 06:32 AM

тАО10-22-2005 06:32 AM

Re: how to protect /etc/passwd file from being deleted accidently ?

Hi Shah,

The permission for /etc/passwd is by default,

-r--r--r-- 1 root root

No point in changing the permission from 444 to 555. If you are logged in as root you are not having restrictions for deleting any file.

instead, as a normal security practice,

1. Login as root only when you really need it. For normal work create a normal login ID.

2. Always keep a copy of your configuration file. Not only /etc/passwd, when you use root login, you may destroy the whole system itself with a silly mistake. So always keep a copy of your important configuration files.

3. Create a nickel report of your system and keep it for reference. This is a configuration snapshot of your system. This will help you to retrive your configuration back to normal incase of any problem.


Regards,
Syam


0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

тАО10-22-2005 07:42 AM

тАО10-22-2005 07:42 AM

Solution

Re: how to protect /etc/passwd file from being deleted accidently ?

Hi Shaw:

With regard to accidental deletion of the /etc/passwd file, unless you are running as root (or strictly speaking with a uid=0) then as long as there are no write permissions on the parent '/etc' directory, removal of the 'passwd' file will not be possible.

That said, your best action, however, is to maintain a current backup of all key configuration files.

With regard to a "shadow" password file, yes, HP-UX 11i supports this mechanism. You can download (for free) and install the necesssary filesets to convert to a shadow implementation. The following link offers the details along with the actual software for installation:

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=ShadowPassword

Regards!

...JRF...
Reply
Ivan Ferreira
Honored Contributor

тАО10-22-2005 11:04 AM

тАО10-22-2005 11:04 AM

Re: how to protect /etc/passwd file from being deleted accidently ?

Yep, the parent directory permissions determines if the file in the directory can be deleted, not the file permissions itself. So, ensure that write permission for the /etc directory are set only for root.

Also, you can use a script running as a cron job to make "versions" of your passwd file. But this does not makes sense because the passwd file is not the only sensitive file in the system.

Anyway, a good backup plan will save the situation.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
Sorrel G. Jakins
Valued Contributor

тАО10-24-2005 03:22 AM

тАО10-24-2005 03:22 AM

Re: how to protect /etc/passwd file from being deleted accidently ?

Change root's password and don't give it out, especially to management.
0 Kudos
Reply
Tim Sanko
Trusted Contributor

тАО10-24-2005 05:43 AM

тАО10-24-2005 05:43 AM

Re: how to protect /etc/passwd file from being deleted accidently ?

Amen, Amen Forever and ever!!!
0 Kudos
Reply
Geoff Wild
Honored Contributor

тАО10-25-2005 01:08 AM

тАО10-25-2005 01:08 AM

Re: how to protect /etc/passwd file from being deleted accidently ?

And yet another way - install cfengine:

http://www.cfengine.org/

Or write a script that checks for /etc/passwd - and restores it automatically if it doesn't exist...

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.