userdb.4 (2012 03)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

userdb(4) userdb(4)

NAME

userdb - user database for per-user information

SYNOPSIS

/var/adm/userdb

DESCRIPTION

The user database is used for storing per-user information. It consists of the

/var/adm/userdb

direc-

tory and the ﬁles within it. Each ﬁle name is a two-digit hexadecimal number from

00 to ff. The direc-

tory and ﬁles are created either at installation time or by the

userdbck command.

The per-user information resides in user entries in the database, and consists of any number of

attribute

=value pairs, which are used to deﬁne the behavior of conﬁgurable features. A per-user value in

/var/adm/userdb

overrides any corresponding system-wide default conﬁgured in the

/etc/default/security

ﬁle, as described in security (4).

The

/etc/security.dsc

ﬁle indicates which attributes can be conﬁgured with a per-user value in

/var/adm/userdb

. This list includes the following attributes which are described in security (4):

ALLOW_NULL_PASSWORD

Allow or do not allow null passwords.

AUDIT_FLAG Audit or do not audit users.

AUTH_MAXTRIES Maximum number of authentication failures allowed.

DISPLAY_LAST_LOGIN

Display or do not display last login information.

LOGIN_TIMES Restrict login time periods.

MIN_PASSWORD_LENGTH

Minimum password length.

NUMBER_OF_LOGINS_ALLOWED

Number of simultaneous logins allowed per user.

OVERRIDE_SYSDEF_PWAGE

Override reading system default password aging values from

the

/etc/default/security

ﬁle during a password

change.

PASSWORD_HISTORY_DEPTH

Password history depth.

PASSWORD_MIN_LOWER_CASE_CHARS

Minimum number of lower case characters allowed in a

password.

PASSWORD_MIN_UPPER_CASE_CHARS

Minimum number of upper case characters allowed in a

password.

PASSWORD_MIN_DIGIT_CHARS

Minimum number of digit characters allowed in a password.

PASSWORD_MIN_SPECIAL_CHARS

Minimum number of special characters allowed in a password.

UMASK Deﬁne umask for ﬁle creation.

Notes

When deﬁning attributes, ﬁrst conﬁgure default values in

/etc/default/security

, as described in

security (4), and then conﬁgure per-user exceptions in the user database,

/var/adm/userdb.

In addition to the conﬁgurable attributes, there are internal attributes that are not user conﬁgurable and

are normally modiﬁed only by programs that enforce system security. The ﬁle

/etc/security.dsc

indicates which attributes are conﬁgurable and which are internal.

Use the

userdbck command to verify or ﬁx information in the user database, /var/adm/userdb.

To disable the user database, create a ﬁle called

/var/adm/userdb/USERDB.DISABLED

. This

causes all database reads and writes to return an error code indicating that the database is disabled and

should be ignored. Note that, if the user database is disabled for a long period and then re-enabled, it

will contain stale data. This can cause unwanted side effects.

WARNINGS

Use the

userdbset command to modify information in /var/adm/userdb. Do not use a text editor,

because the database contains checksums and other binary data, and editors do not follow the ﬁle locking

conventions that are used to control access to the database.

NFS mounting this database is not supported.

HP-UX 11i Version 3: March 2012 − 1 − Hewlett-Packard Company 1

Summary of content (2 pages)

PAGE 1
userdb(4) userdb(4) NAME userdb - user database for per-user information SYNOPSIS /var/adm/userdb DESCRIPTION The user database is used for storing per-user information. It consists of the /var/adm/userdb directory and the files within it. Each file name is a two-digit hexadecimal number from 00 to ff. The directory and files are created either at installation time or by the userdbck command.
PAGE 2
userdb(4) userdb(4) FILES /var/adm/userdb /etc/default/security /etc/security.dsc user database security defaults configuration file security attributes description file SEE ALSO userdbck(1M), userdbget(1M), userdbset(1M), userdb_read(3), security(4).