Each time your system is rebooted (and after fsck is run if your system was brought down unexpectedly) the system automatically checks critical security database files. The messages are:

   Checking tcb ...
   Checking protected password and protected subsystems databases ...
   Checking ttys database ...

This checking is done to avoid problems with access to your system. In the rare case where a file is missing, you are alerted to this fact and asked to restore the file from backups (or it may be necessary to repair broken symbolic links).
When the system is halted suddenly by power or hardware failures, some filesystem damage can occur. Damage can cause the removal of security database files, or can leave these files in an interim state if they were being updated at the time of the system crash. Whenever a reboot occurs, the system runs a series of programs to check the status of the database files. When the system terminates abnormally and is rebooted, this check is performed after fsck(ADM) is run on the root filesystem, and before entering multiuser mode.
The system follows these steps:
When a security database file is updated, the contents of the old file (file) are copied or updated to create the new ``-t'' file (file-t). Next, the old file (file) is moved to a ``-o'' file (file-o), and the new file (file-t) is moved to the original name (file). When this process is interrupted, ``-o'' and ``-t'' files are left and must be reconciled before the system will function properly. tcbck first resolves any ``-t'' and ``-o'' files left in the /etc/auth/system, /etc/auth/subsystems, and /tcb/files/auth/ directories and the /etc/passwd and the /etc/group files. If there are multiple versions of a file, the extra files must be removed. This is done automatically as follows:
If scenario c. occurs, a message similar to this is displayed:

   /etc/tcbck: file file missing, saved file-t as file

This is done because the ``-t'' file is the modified version of the original file and could have been damaged; it is likely that this file does not contain all the entries of the original. This message is repeated for all files found in that state in the specified directories. (The ``-o'' files are not suspect because they are the original versions of the files renamed prior to updating.)

   /etc/tcbck: file file is missing or zero length

This process is repeated for each of these files (critical TCB files are marked with a +):
When this process is complete, if any files were missing, or empty ``-t'' files were substituted for real files, this message is displayed:

   /etc/smmck: restore missing files from backup or distribution.

If either /etc/passwd or /etc/group is missing, this message is displayed:
/etc/tcbck: either slash (/) is missing from /etc/auth/system/files or there are malformed entries in /etc/passwd or /etc/group
Corrupted files are not detected by tcbck, but other error messages may be displayed that are described in ``Troubleshooting system security''.
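The interim-file states described above can be inspected without changing anything on disk. The following sh functions are an added example, not part of the original documentation or of tcbck: they list each database file that has a leftover ``-t'' or ``-o'' copy in the directories named above, and flag a missing or zero-length /etc/passwd or /etc/group. The function names, the state labels and the optional ROOT argument are assumptions of this example.

```sh
#!/bin/sh
# Added example: read-only report of interim "-t"/"-o" files left behind by an
# interrupted security database update. It changes nothing on disk.

# classify BASE: print the state of the file / file-o / file-t triple.
classify() {
    base=$1
    if [ ! -e "$base" ]; then
        state="missing"
    elif [ ! -s "$base" ]; then
        state="zero-length"
    else
        state="present"
    fi
    if [ -e "$base-o" ]; then state="$state+o"; fi
    if [ -e "$base-t" ]; then state="$state+t"; fi
    echo "$state"
}

# audit_tcb [ROOT]: ROOT (assumption of this example) is a prefix so that a
# restored copy of the tree can be scanned; the default is the live system.
audit_tcb() {
    root=${1:-/}
    root=${root%/}
    # Directories named in the text. Caveat: a legitimate file whose own name
    # ends in -t or -o is listed as well.
    for dir in etc/auth/system etc/auth/subsystems tcb/files/auth; do
        [ -d "$root/$dir" ] || continue
        find "$root/$dir" -type f \( -name '*-t' -o -name '*-o' \) -print
    done | sed 's/-[to]$//' | sort -u | while IFS= read -r base; do
        echo "$(classify "$base") $base"
    done
    # /etc/passwd and /etc/group: report leftovers, or a missing/empty file.
    for f in etc/passwd etc/group; do
        st=$(classify "$root/$f")
        if [ "$st" != "present" ]; then echo "$st $root/$f"; fi
    done
}

# Run against ROOT when one is given on the command line.
if [ $# -gt 0 ]; then audit_tcb "$1"; fi
```

A line such as "missing+t" marks a file for which only the ``-t'' copy survives, the state in which tcbck saves file-t as file and prints the warning shown above.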

   INIT: SINGLE USER MODE
   Security databases are corrupt.
   Starting root shell on console to allow repairs.
   Entering System Maintenance Mode

If no critical database files are missing, you are prompted to choose system maintenance mode or normal operation. If files are reported missing, write them down and follow the instructions in ``Restoring critical security database files''.
INIT: New run level: 2
is displayed) and you are prompted to set the system clock,
/etc/authckrc is reinvoked.
If any missing files are found, warnings
similar to the ones shown previously are displayed,
followed by the message shown below:

   /etc/tcbck: file file is missing or zero length
   /etc/authckrc: Log in on the OVERRIDE tty and restore the missing files from a backup or the distribution disks.

This means that files are still missing. These files will have to be replaced when the system comes up in multiuser mode and you are allowed to log in. Write down the names of the missing files and follow the instructions in ``Restoring critical security database files''.
If /etc/passwd or /etc/group is missing, the following messages are displayed at startup (the first if /etc/passwd is missing, the second if /etc/group is missing):

   su: Unknown id: bin
   su: Cannot setgid to auth, no auth entry

Checking protected password and protected subsystems databases ...
The authck(ADM) program is run to make certain that all users listed in /etc/passwd have Protected Password database entries. If any are missing, they are created as needed if you respond y to this prompt:
There are errors for this user Fix them (y/n)?
The Protected Subsystem database files are then checked to ensure that they correctly reflect the subsystem authorization entries in the Protected Password database. Each name listed in each subsystem file is verified against the Protected Password entry with the same name to ensure that authorizations are consistent between the files. In addition, each Protected Password entry is scanned to verify that all the privileges listed are reflected in the Protected Subsystem database. If any inconsistencies are found, you are asked if you want them fixed automatically:
There are discrepancies between the databases. Fix them (Y or N)?
You may see that many discrepancies are reported and repaired by this process -- this is normal.
See ``Database consistency checking: authck(ADM) and addxusers(ADM)'' for information on running authck manually.
Checking ttys database ...
ttyupd(ADM) is run to ensure that all ttys in /etc/inittab have entries in the Terminal Control database (/etc/auth/system/ttys).
The security databases are corrupt. However, root login at terminal tty01 is allowed.