authck(1M) DG/UX B2 Security R4.12MU02 authck(1M)
NAME
authck - check group and user entries in the A&A database
SYNOPSIS
authck [ username ... ]
where:
username The name of a user in the A&A database
DESCRIPTION
The authck command inspects the A&A database entries for the
specified user(s) and reports any errors on standard output. If no
users are specified, authck checks all users on the system.
The errors detected are any malformation of the A&A database, and any
condition that would prevent the specified user(s) from being granted
service--e.g., account locked, password extinct, or invalid audit
mask.
One of the checks is that each user's primary group and all
supplementary groups must also be in the A&A database. Consequently,
authck also checks all groups on the system before it checks the
specified user(s).
MAC alias definitions can be checked with the aliasck(1M) command.
EXAMPLES
authck root
FILES
/etc/tcb/aa/group/*
A&A database entries for groups
/etc/tcb/aa/user/*
A&A database entries for users
/etc/tcb/audit/*
Audit alias definitions
DIAGNOSTICS
Exit status is 0 if no problems were found, 1 if any problems were
found, 2 on internal error.
SEE ALSO
aaupdate(1M), aliasck(1M), aalibrary(3).
NOTES
If the system on which authck is being run doesn't have certain
security features configured--e.g., audit--the corresponding
information in the A&A databases is not checked. This means that if
authck is used while running a traditional DG/UX System kernel to
look for error in the A&A database, the only errors that will be
detected are those that involve only information contained with the
A&A database. No alias definitions will be validated. Also, authck
does not check whether a user is authorized for any specific service.
Licensed material--property of copyright holder(s)