Museum

Home

Lab Overview

Retrotechnology Articles

⇒ Online Manual

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

audcntl(2)

getauthuid(3)

getpwent(3)

edauth(8)

auth(5)

Name

auth − auth database

Description

The auth database is a repository of security-relevant information about each user of the system. This database contains the encrypted password associated with the user’s account in addition to a list of assorted capabilities. The database is stored as an ndbm() database in the files /etc/auth.pag and /etc/auth.dir. Records are retrieved with the getauthuid library routine.  Access to the database is restricted to the superuser and members of the group authread.

Auth records may be converted to an ASCII representation whose format is:

1000:4KvidFYwovnwp3j8lll78dC1:1920129:3600:2678400:03:0:1000:0:00:00

The first field is the UID of the entry that is used as the key into the database. Then follows:

Encrypted Password
This is the user’s encrypted password. Whether this password or the one from the /etc/passwd file is actually used is determined by the security level that the system is running at.

Password Modification Time
This is the time(2) the password was last set. 

Minimum Password Lifetime
This is the minimum number of seconds which must elapse between setting passwords.

Maximum Password Lifetime
This is the maximum period of time for which the password will be valid.

Account Mask These are capabilities pertaining to the account itself.  They are:

1 A_ENABLE: this account is enabled. 
2 A_CHANGE_PASSWORD: The user can change his or her password.
4 A_ENTER_PASSWORD: The user is not required to use machine-generated passwords.

Login Failure Count
This is the count of unsuccessful login attempts since the last successful login.

Audit ID Positive integer identifier used in generating audit records for the user. 

Audit Control See the audcntl() reference page, SET_APROC_CNTL section for more information.

Audit Mask Determines which events will be audited for the user. See the audcntl() and audit() reference pages for more information.

Restrictions

Only the superuser and members of the group authread may read information from the auth database.  Only the superuser may modify the auth database.

Files

/etc/auth.[pag,dir]
/etc/passwd
/etc/svc.conf

See Also

audcntl(2), getauthuid(3), getpwent(3), edauth(8)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026