The information systems security officer (ISSO) is responsible for ensuring the integrity of the system. To do this, the ISSO runs the authck program, which checks the internal consistency of the files that make up the authentication database. (This function cannot be performed with the GUIs.) This chapter describes the authck program, suggests reasons for running it, and explains what to do if it finds discrepancies.
12.1 Composition of the Authentication Database
The enhanced security authentication database consists of the following subsidiary databases:

    Protected password database (/tcb/files/auth.db and /var/tcb/files/auth.db)
    System defaults database (/etc/auth/system/default)
For detailed information about the format and contents of the databases, see the default(4), devassign(4), files(4), prpasswd(4), and ttys(4) reference pages.
The system management GUI is the preferred method for modifying these databases. For disaster recovery, or when the GUI is not available, the edauth program can be used to modify the databases. In single-user mode, the /usr and /var file systems must be mounted before the edauth program is used; part of the protected password database itself lives under /var/tcb.
12.2 Running the authck Program
The authck program checks the overall structure and the internal consistency of the authentication database. It checks the correctness of entries within each database and also checks related fields in other databases. For example, it checks the protected password database entry for a user against that user's entry in the /etc/passwd file.
You can specify the following arguments on the authck command line:

-p   Checks the protected password database and the /etc/passwd file to ensure that they are complete and that they agree with each other. It also checks the protected password database for reasonable values.

-t   Checks the fields in the terminal control database for reasonable values.

-f   Checks the file control database for syntax and value specification errors. Without this flag, entries with unknown authorizations, user names, and so on are ignored. Typically these errors are typographical, such as "rooot" instead of "root", and the program attempts to guess the right value.

-v   Verbose mode.

-a   Performs the functions of -f, -p, -t, and -v. Provides program activity status during operation.
The authck program produces a report listing any discrepancies between the databases. Compare the output of the program with the actual database entries and rectify any differences immediately. Problems typically occur because someone has manually updated one of the databases (for example, editing /etc/passwd directly) without making the corresponding change to the related databases, so run authck after any manual change as well as at regular intervals.
12.3 Adding Applications to the File Control Database
When you add applications to the system by a means other than the setld program, you should also add file control database entries for the application's control files, database files, and programs. It is best to consult the application supplier for a list of the files and programs and for suggested protection attributes for all of them. Adding the application's files to the file control database gives you the benefit of periodic integrity checking of that application's resources. See the fverify(8) reference page for more information on checking file integrity.
12.4 Recovery of /etc/passwd Information
If the /etc/passwd file is lost but the enhanced profiles are still available, a command sequence like the following can be used to recover some of the missing data:

    # bcheckrc
    # /tcb/bin/convuser -dn | /usr/bin/xargs /tcb/bin/edauth -g | \
        sed '/:u_id#/!d;s/.*:u_name=//;s/:u_id#/:*:/;s/:u_.*$/:/' \
        > psw.missing

The first part of the pipeline lists the users in the protected password database and prints each one's profile with edauth -g as a single colon-separated line. The sed script discards any line that has no u_id# field, then trims each remaining line to the u_name value, a * placeholder in the password field, and the numeric user ID. This creates a psw.missing file containing entries like the following:

    root:*:0:
    jdoe:*:0:

Primary group information, finger information, home directory, and login shell are not recorded in the enhanced profile. The data for those fields must be recovered by other means, and the generated user IDs should be reviewed against the protected password database before the entries are merged into a new /etc/passwd.
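As an added illustration of the cross-checks Section 12.2 describes for authck -p and of the psw.missing recovery in Section 12.4, the following Python script is not part of the authck program or of this manual. It applies the same kind of consistency checks to small constructed samples of edauth -g output and /etc/passwd, then derives the psw.missing stubs for any user the passwd file lacks. The authcap field syntax it parses (name=string, name#number, flag set, flag@ cleared) is what the page's own sed expects for u_name= and u_id#; the other field names (u_pwd, u_minchg, u_maxlen, u_lock, chkent), all user names, and all numbers are assumptions made for illustration only.

```python
"""authck -p style cross-check of a protected-password dump against
/etc/passwd, plus the psw.missing derivation of Section 12.4.

Added example; this is not the authck program. All input is constructed.
"""

# Constructed sample of 'edauth -g' output. Field names other than u_name
# and u_id are assumptions for illustration.
EDAUTH_G = """\
root:u_name=root:u_id#0:u_pwd=*:u_minchg#0:u_maxlen#80:u_lock@:chkent:
jdoe:u_name=jdoe:u_id#200:u_pwd=*:u_minchg#0:u_maxlen#80:u_lock@:chkent:
asmith:u_name=asmith:u_id#201:u_pwd=*:u_minchg#0:u_maxlen#80:u_lock:chkent:
rooot:u_name=rooot:u_id#0:u_pwd=*:chkent:
bbrown:u_name=bbrown:u_id#-5:u_pwd=*:chkent:
"""

# Constructed sample /etc/passwd (asmith has a different uid, cjones has
# no protected password entry).
PASSWD = """\
root:*:0:0:system PRIVILEGED account:/:/bin/sh
jdoe:*:200:15:Jane Doe:/usr/users/jdoe:/bin/ksh
asmith:*:301:15:Al Smith:/usr/users/asmith:/bin/csh
cjones:*:202:15:Chris Jones:/usr/users/cjones:/bin/sh
"""


def parse_edauth(text):
    """Return {username: {field: value}} for each edauth -g line.
    name=value is a string, name#value a number, name a set flag,
    name@ a cleared flag."""
    entries = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        name, _, rest = line.partition(":")
        fields = {}
        for f in rest.split(":"):
            if not f:
                continue
            if "=" in f:
                k, v = f.split("=", 1)
                fields[k] = v
            elif "#" in f:
                k, v = f.split("#", 1)
                fields[k] = int(v)
            elif f.endswith("@"):
                fields[f[:-1]] = False
            else:
                fields[f] = True
        entries[name] = fields
    return entries


def parse_passwd(text):
    """Return {username: uid} from /etc/passwd lines."""
    users = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        parts = line.split(":")
        users[parts[0]] = int(parts[2])
    return users


def check(prpw, passwd):
    """Report discrepancies the way authck -p does: both databases complete,
    uids in agreement, and protected-password values reasonable."""
    problems = []
    for name, f in prpw.items():
        if "u_name" not in f or "u_id" not in f:
            problems.append(f"{name}: protected password entry lacks u_name or u_id")
            continue
        if f["u_name"] != name:
            problems.append(f"{name}: u_name field is {f['u_name']!r}")
        if f["u_id"] < 0:
            problems.append(f"{name}: unreasonable u_id {f['u_id']}")
        if name not in passwd:
            problems.append(f"{name}: no /etc/passwd entry")
        elif passwd[name] != f["u_id"]:
            problems.append(f"{name}: u_id {f['u_id']} != passwd uid {passwd[name]}")
    for name in passwd:
        if name not in prpw:
            problems.append(f"{name}: no protected password entry")
    return sorted(problems)


def psw_missing(prpw, passwd=None):
    """Build psw.missing lines (u_name:*:u_id:) as the Section 12.4 sed
    does. With passwd given, emit only users that passwd lacks; with a
    lost passwd (None) emit every entry that carries u_id."""
    lines = []
    for name, f in prpw.items():
        if "u_id" not in f:
            continue
        if passwd is not None and name in passwd:
            continue
        lines.append(f"{f.get('u_name', name)}:*:{f['u_id']}:")
    return lines


if __name__ == "__main__":
    prpw = parse_edauth(EDAUTH_G)
    pw = parse_passwd(PASSWD)
    for p in check(prpw, pw):
        print("discrepancy:", p)
    print("psw.missing:")
    print("\n".join(psw_missing(prpw, pw)))
```

Note that the stub generator copies whatever u_id the profile holds, including the unreasonable -5 above, exactly as the sed pipeline would; the cross-check is what flags it, which is why the recovered entries should be reviewed before use.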