

12    Ensuring Authentication Database Integrity

The information systems security officer (ISSO) is responsible for ensuring the integrity of the system. To do this, the ISSO runs the authck program, which checks the internal consistency of the files that make up the authentication database. (This function cannot be performed with the GUIs.)

This chapter describes the authck program, suggests reasons for running it, and explains what to do if it finds discrepancies.




12.1    Composition of the Authentication Database

The authentication database consists of the following subsidiary databases:

For detailed information about the format and contents of the databases, see the default(4), devassign(4), files(4), prpasswd(4), and ttys(4) reference pages.




12.2    Running the authck Program

The authck program checks the overall structure and the internal consistency of the authentication database. It checks the correctness of entries within each database and also checks related fields in other databases. For example, it checks the protected password database entry for a user against the /etc/passwd file.

You can specify the following arguments on the authck command line:

-p
Checks the protected password database and the /etc/passwd file to ensure that they are complete and that they agree with each other. It also checks the protected password database for reasonable values.

-t
Checks the fields in the terminal control database for reasonable values.

-f
Checks the file control database for syntax and value specification errors. Without this flag, entries with unknown authorizations, user names, and so on, are ignored. Typically these errors are typographical, such as "rooot" instead of "root," and the program attempts to guess the right value.

-a
Performs the functions of -f, -p, and -t.

-v
Provides program activity status during operation.

The authck program produces a report listing any discrepancies between the databases. Compare the output of the program with the actual database entries and rectify any differences immediately. Problems typically occur because someone has manually updated one of the databases without making the corresponding change to the related databases.
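The kind of cross-database agreement check that the -p flag describes can be sketched as follows. This is an added illustration, not authck itself and not code from this manual; the function name, the report labels, and the simplified "name:uid" file standing in for the protected password database are all assumptions made for the example.

```shell
#!/bin/sh
# Added illustration only: this is not authck, and PROT_FILE is a constructed
# "name:uid" stand-in, not the prpasswd(4) format.
#
# check_agreement PASSWD_FILE PROT_FILE
#   Prints one sorted line per discrepancy; prints nothing when the files agree.
check_agreement() {
    awk -F: '
        # First file (passwd format): remember each user name and UID.
        FILENAME == ARGV[1] { if ($1 != "") pw[$1] = $3; next }
        # Second file: skip blank lines, then compare with the passwd data.
        $1 == "" { next }
        {
            seen[$1] = 1
            if (!($1 in pw)) {
                print "MISSING_IN_PASSWD " $1
            } else if (pw[$1] != $2) {
                print "UID_MISMATCH " $1 " passwd=" pw[$1] " protected=" $2
            }
        }
        END {
            # Users known to passwd that the second file never mentioned.
            for (u in pw) if (!(u in seen)) print "MISSING_IN_PROTECTED " u
        }
    ' "$1" "$2" | LC_ALL=C sort
}

# Runs the check on constructed sample data (not from a real system).
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' \
        'root:*:0:1:System:/:/bin/sh' \
        'alice:*:201:15:Alice:/usr/users/alice:/bin/sh' \
        'bob:*:202:15:Bob:/usr/users/bob:/bin/sh' > "$dir/passwd"
    printf '%s\n' 'root:0' 'alice:210' 'carol:203' > "$dir/protected"
    check_agreement "$dir/passwd" "$dir/protected"
    rm -rf "$dir"
}

demo
```

Each reported line corresponds to the situation the paragraph above warns about: one database was edited by hand without the matching change in the other.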




12.3    Adding Applications to the File Control Database

When you add applications to the system by a means other than the setld program, you should also add file control database entries for the application's control and database files and programs. It is best to consult with the application supplier to get a file and program list, and suggested protection attributes for all files.

If you add the application's files to the file control database, you gain the benefit of periodic integrity checking of that application's resources.

See the fverify(8) reference page for more information on checking file integrity.