Index Index for
Section 8
Index Alphabetical
listing for P
Bottom of page Bottom of
page		 

prpasswdd(8)


NAME

  prpasswdd - Enhanced security daemon


SYNOPSIS

  /usr/sbin/prpasswdd [-lifetime secs] [-reply_lifetime secs] [-depth n]
  [-debug]


OPTIONS

  -debug
      Enables request logging by the auth facility in syslog. This should
      only be used for debugging, because the volume of logged data can be
      considerable.

  -depth n
      Limits the number of remembered entries kept cached in memory (for
      speed).  The default depth is unlimited.

  -lifetime secs
      Limits the amount of time (in seconds) that remembered entries are kept
      cached in memory. The default lifetime is 1 hour (3600 seconds).

  -reply_lifetime secs
      Limits the amount of time (in seconds) that client transactions are
      remembered for fast RPC replies. The default reply lifetime is 6
      minutes (360 seconds), which allows for minimum of 5 minutes built into
      the client library code before timing out a given transaction request.


DESCRIPTION

  The enhanced security daemon, prpasswdd, manages writes to the protected
  password authentication database, as well as the other enhanced security
  databases. It prevents file lock contention among multiple writers.  A
  strict C2 security policy, which is optionally configurable using enhanced
  security, requires each user login or login failure to be recorded in the
  protected password authentication database. These updates, in combination
  with password changes and system administration functions affecting user
  accounts, are coordinated by the daemon.

  Clients communicate with the daemon using rpc. Two daemon processes, a
  parent and a child, exist on a system running enhanced security. The daemon
  is controlled from /sbin/init.d/prpasswd, which accepts the start, stop,
  and restart commands. The active daemon is the child process, which writes
  its PID to the /var/run/prpasswdd.pid file.

  The daemon services requests from the localhost address (127.0.0.1), or,
  for TruCluster Server V5.0 systems, from the default cluster alias address.
  Requests from other addresses or from non-privileged ports are rejected.


FILES

  /tcb/files/auth.db

  /var/tcb/files/auth.db

  /etc/auth/system/default

  /etc/auth/system/devassign

  /etc/auth/system/files

  /etc/auth/system/ttys.db


SEE ALSO

  Commands: login(1), dxaccounts(8), edauth(8), useradd(8)

  Functions: putespwnam(3), putestcnam(3), putesdfnam(3), putesdvnam(3),
  putesfinam(3)

  Files: authcap(4), default(4), devassign(4), files(4), prpasswd(4), ttys(4)

Index Index for
Section 8
Index Alphabetical
listing for P
Top of page Top of
page