Museum

Home

Lab Overview

Retrotechnology Articles

⇒ Online Manual

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

authcap(F)

getprdfent(S)

prpw(F)

sysadmsh(ADM)

ttys(F)


 default(F)                    06 January 1993                     default(F)


 Name

    default - system default database file

 Format

    See authcap(F)

 Description

    The default file (/etc/auth/system/default) allows an administrator to
    define and change system-wide parameter values globally for users and de-
    vices.

    Changes to this file are normally made by selecting Accounts -> Defaults
    in sysadmsh(ADM).

    default contains three types of parameters:

    +  System wide parameters which do not appear in any other system data-
       base. A system wide parameter not specified in default database is
       undefined.

    +  User parameters which are typically specified in a protected password
       database file (see prpw(F)).

    +  Terminal control parameters which are typically specified in the ter-
       minal control database file (see ttys(F)).

    System default parameters may be specified for fields found in the pro-
    tected password (prpw) and terminal control (ttys) databases.  Trusted
    programs honor the values from the prpw and ttys databases first if pro-
    vided.  Otherwise, the program may choose to use the system default value
    if one has been specified. If neither value is specified, the program may
    supply a reasonable default value or abort.

    For descriptions of the specific fields provided by the protected pass-
    word and terminal control databases, see the prpw(F) and ttys(F) manual
    pages.

    The following fields are unique to the system default database and should
    not be specified in any of the other system databases:

    u_integrity    Indicates whether inconsistencies between data held in the
                   passwd file and the prpw database will cause a failure, or
                   be silently ignored.

    d_name         Set to the string ``default''.

    u_pwseg        Contains a value determining how many segments, each
                   equivalent to 8 characters of clear text, are significant
                   when validating passwords.

    u_secclass     Identifies the security class supported by the system.
                   Used for informational purposes only. Possible values are
                   a1, b1, b2, b3, c1, c2, and d.

    u_singleuserpswd
                   Indicates whether the root password is required to enter
                   system maintenance mode.

    u_tcbpw        Indicates whether the prpw database or the passwd file
                   should be used when there are inconsistencies between
                   them.

 Examples

    The following is an example of a typical system default database:

       default:\
               :d_name=default:\
               :u_pwd=*:\
               :u_priority#0:\
               :u_cmdpriv=audittrail,su,queryspace,printqueue:\
               :u_syspriv=execsuid,nopromain,chmodsugid,chown:\
               :u_minchg#0:u_maxlen#10:\
               :u_exp#3628800:u_life#15768000:\
               :u_pickpw:u_genpwd:u_restrict@:u_nullpw@:\
               :u_suclog#0:u_unsuclog#0:u_maxtries#5:u_lock:\
               :u_singleuserpswd:u_secclass=c2:\
               :u_integrity:u_tcbpw:u_pwseg#10:\
               :t_logdelay#2:t_maxtries#9:t_login_timeout#40:\
               :chkent:

    This system default database defines the three different types of values
    which are supported. The following values are assigned on a system-wide
    only basis:

    +  The root password must be supplied to enter system maintenance mode
       (u_singleuserpswd).

    +  The system security class is defined as c2 (u_secclass=c2).

    +  Inconsistencies in data held about a user in the passwd and prpw files
       will cause operations such as login to fail (u_integrity).

    +  When information about a user in passwd and prpw differs, the prpw in-
       formation will be assumed to be correct (u_tcbpw).

    +  Lastly, up to 80 characters of clear text are significant in password
       comparisons (u_pwseg#10).

    This database also defines protected password and terminal control data-
    base default values. Fields beginning with u_ correspond to protected
    password fields. Similarly, fields starting with the t_ prefix are termi-
    nal control database fields. The three field types are used to supply
    system-wide default values if a user or terminal specific value is not
    supplied by the corresponding database. See the prpw(F) and ttys(F) manu-
    al pages for these databases for a complete description of the applicable
    fields.

 Files

    /etc/auth/system/default    system default database

 See also

    authcap(F), getprdfent(S), prpw(F), sysadmsh(ADM), ttys(F)

 Standards conformance

    default is not part of any currently supported standard; it is an exten-
    sion of AT&T System V provided by The Santa Cruz Operation, Inc.

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026