HPE Community
Operating System - HP-UX
1831642 Members
1814 Online
110027 Solutions
New Discussion

HP Kernel Parameters & trusted system

 
Ngoh Chean Siung
Super Advisor

‎10-28-2004 04:03 PM

‎10-28-2004 04:03 PM

HP Kernel Parameters & trusted system

Hi,

Q1) How to get all the HP Kernel Parameters setting?

Example:

Parameter : NSTRBLKSCHED
Current : 2
Parameter
Desciprtion : Number of blockable streams scheduler daemons to run

Q2) During converting to trusted system, at which stage, all the users password will be expire and required to change? During enable password aging or ...? Can I hv the steps the convert into trusted system?

regards.
0 Kudos
Reply
4 REPLIES 4
Sridhar Bhaskarla
Honored Contributor

‎10-28-2004 04:43 PM

‎10-28-2004 04:43 PM

Re: HP Kernel Parameters & trusted system

Hi,

1. 'kmtune' will give you a list of tunables. To find the corresponding descriptions look at /usr/sam/lib/kc/params.tx file. You can write a small awk program that can combine the outputs of kmtune and the above file.

2. To convert the system, either you can use 'sam' or the command 'tsconvert'. Simply running tsconvert will convert the system to trusted. However, it will expire the user passwords (this is to initialize the timestamps and history) by setting a global parameter 'exptm'. You can either use "SAM" to disable expiry or use the command

modprdef -m exptm=0

to unexpire the passwords.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Ngoh Chean Siung
Super Advisor

‎10-28-2004 05:04 PM

‎10-28-2004 05:04 PM

Re: HP Kernel Parameters & trusted system

Hi,

It means that before converting to trusted system, I can skip the action to expire all the users password. It is not the mandatory process that system will do, right. But, if all the users password is not expired, how the timestamps and history process to be carried out? By the way, how to disable the all the users password expire in SAM?

regards.
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

‎10-28-2004 05:40 PM

‎10-28-2004 05:40 PM

Re: HP Kernel Parameters & trusted system

Hi,

You don't need to expire the passwords manually, system will do it for you when you first converted the system to trusted. If the passwords are not expired (or disabled from expiring), then the last (un)successful change will not be there in the password database.

To disable all the users, go into "Auditing and Security" -> "System Security Policies" and disable password aging.

-Sri

You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Rainer von Bongartz
Honored Contributor

‎10-28-2004 09:53 PM

‎10-28-2004 09:53 PM

Re: HP Kernel Parameters & trusted system

Before converting to trusted, I higly recommend that you check your passwd and groups file

Use

/usr/sbin/pwck
and
/usr/sbin/grpck

Regards
Rainer
He's a real UNIX Man, sitting in his UNIX LAN making all his UNIX plans for nobody ...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.