HPE Community
Operating System - HP-UX
1832202 Members
2701 Online
110039 Solutions
New Discussion

Re: trusted system

 
kamal_15
Regular Advisor

‎09-04-2005 03:28 AM

‎09-04-2005 03:28 AM

trusted system

hi all
i have a problem with trusted system
users login becom Expired
but we solve the problem

my question is

how can i know when the system converted to trusted?

please help

kamal
0 Kudos
Reply
8 REPLIES 8
Slawomir Gora
Honored Contributor

‎09-04-2005 05:03 AM

‎09-04-2005 05:03 AM

Re: trusted system

Hi,

I think you can check creation date of /tcb directory.
0 Kudos
Reply
kamal_15
Regular Advisor

‎09-04-2005 05:27 AM

‎09-04-2005 05:27 AM

Re: trusted system

thank you for your response

but is that a good indication for date of converting system to trusted?

if any one open this directory . the date of modification will change.

is thier another way?
0 Kudos
Reply
Robert-Jan Goossens
Honored Contributor

‎09-04-2005 05:37 AM

‎09-04-2005 05:37 AM

Re: trusted system

if your is trusted your passwords will be encryted in a trusted database inside the /tcb/files/auth/ directory. If yo have files inside that dir with the names of your users your system is trsted.

An other command you can use is
# /usr/lbin/getprdef
true

will give true if it is trusted.

Hope this helps,
Robert-Jan
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎09-04-2005 05:44 AM

‎09-04-2005 05:44 AM

Re: trusted system

The /tcb directory only has one directory so as long as the root user does not store some bogus file in /tcb, the creation date is indeed the conversion date. All files and directories have three times recorded. The access time for a directory changes whenever the directory is read (searched). The modification time is the creation date until the contents of the directory changes. The change time is when the owner or permissions of the file are changed.

Since no new directories or files are ever created in the /tcb directory, the value returned by:

ll -d /tcb

will document the conversion date.


Bill Hassell, sysadmin
0 Kudos
Reply
yut
Advisor

‎09-04-2005 06:54 PM

‎09-04-2005 06:54 PM

Re: trusted system

you can check creation date /.secure directory. this created when u convert to trusted first.


-yut-
0 Kudos
Reply
Bharat Katkar
Honored Contributor

‎09-04-2005 07:44 PM

‎09-04-2005 07:44 PM

Re: trusted system

Hi Kamal,
Your /etc/password file will have "*" in the password field of all users if the system is trusted.

Regards,
Bharat
You need to know a lot to actually know how little you know
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎09-04-2005 08:16 PM

‎09-04-2005 08:16 PM

Re: trusted system

Few ways,

1) [ -d /tcb ] && echo "$(hostname) is trusted"
2) audsys

# audsys
cannot open and lock /.secure/etc/audnames;
verify that the auditing system has been installed properly,
and the /.secure/etc directory exists, prior to running this command

It is saying it is converted to Trusted one

3) sam -> Auditing and Security -> Audited system calls -> It will prompt a window for converting to Trusted if it is not a trusted machine

4) root and other users passwd entry in /etc/passwd will be *

hth.
Easy to suggest when don't know about the problem!
0 Kudos
Reply
Cem Tugrul
Esteemed Contributor

‎09-04-2005 08:29 PM

‎09-04-2005 08:29 PM

Re: trusted system

Also many useful links asked before;

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=691956

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=823609

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=839509

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=114240

Good Luck,
Our greatest duty in this life is to help others. And please, if you can't
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.