default(F)
default --
system default database file
Format
See
authcap(F)
Description
The default file (/etc/auth/system/default)
allows an administrator to define and change
system-wide parameter values globally for users and devices.
Changes to this file are normally made by selecting
the System Defaults Manager.
default contains three types of
parameters:
-
System wide parameters which do not appear
in any other system database. A system wide parameter not specified in
default database is undefined.
-
User parameters which are typically specified in a
protected password database file (see
prpw(F)).
-
Terminal control parameters which are typically specified in the
terminal control database file (see
ttys(F)).
System default parameters may be specified for fields found
in the protected password (prpw) and terminal control
(ttys) databases.
Trusted programs honor the values from the prpw and ttys
databases first if provided. Otherwise, the program may
choose to use the system default value if one has been
specified. If neither value is specified, the program may
supply a reasonable default value or abort.
For descriptions of the specific fields provided by the
protected password and terminal control databases, see the
prpw(F)
and
ttys(F)
manual pages.
The following fields are unique to the system default database
and should not be specified in any of the other system
databases:
u_integrity-
Indicates whether inconsistencies between data
held in the passwd file and the prpw database will cause a
failure, or be silently ignored.
d_name -
Set to the string ``default''.
u_pwseg-
Contains a value determining how many segments, each
equivalent to 8 characters of clear text, are significant when
validating passwords.
u_secclass-
Identifies the security class supported by the system.
Used for informational purposes only. Possible values are a1, b1,
b2, b3, c1, c2, and d.
u_singleuserpswd-
Indicates whether the root password is required to enter system
maintenance mode.
u_tcbpw-
Indicates whether the prpw database or the
passwd file should be used when there are inconsistencies between
them.
Examples
The following is an example of a typical system default
database:
default:\
:d_name=default:\
:u_pwd=*:\
:u_priority#0:\
:u_cmdpriv=audittrail,su,queryspace,printqueue:\
:u_syspriv=execsuid,nopromain,chmodsugid,chown:\
:u_minchg#0:u_maxlen#10:\
:u_exp#3628800:u_life#15768000:\
:u_pickpw:u_genpwd:u_restrict@:u_nullpw@:\
:u_suclog#0:u_unsuclog#0:u_maxtries#5:u_lock:\
:u_singleuserpswd:u_secclass=c2:\
:u_integrity:u_tcbpw:u_pwseg#10:\
:t_logdelay#2:t_maxtries#9:t_login_timeout#40:\
:chkent:
This system default database defines the three different
types of values which are supported. The following values are
assigned on a system-wide only basis:
-
The root password must be supplied to enter system
maintenance mode (u_singleuserpswd).
-
The system security class is defined as c2
(u_secclass=c2).
-
Inconsistencies in data held about a user in the
passwd and prpw files will cause operations
such as login to fail (u_integrity).
-
When information about a user in passwd and prpw
differs, the prpw information will be assumed to be
correct (u_tcbpw).
-
Lastly, up to 80 characters of clear text are
significant in password comparisons (u_pwseg#10).
This database also defines protected password and terminal control
database default values. Fields beginning with u_
correspond to protected password fields. Similarly, fields
starting with the t_ prefix are terminal control database
fields. The three field types are used to supply system-wide
default values if a user or terminal specific value is
not supplied by the corresponding database. See the
prpw(F)
and
ttys(F)
manual pages for these databases for a complete
description of the applicable fields.
Files
/etc/auth/system/default-
system default database
See also
authcap(F),
getprdfent(S),
prpw(F),
ttys(F)
Standards conformance
default is not part of any currently supported
standard; it is an extension of AT&T System V provided by
The Santa Cruz Operation, Inc.
© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 03 June 2005