AUTHCK(ADM) UNIX System V
Name
authck - check internal consistency of Authentication
database
Syntax
/tcb/bin/authck [ -p ] [ -t ] [ -s ] [ -f ] [ -c ] [ -a ]
[ -v ]
Description
authck checks both the overall structure and internal field
consistency of all components of the Authentication
database. It reports all problems it finds. The options
and tests are as follows:
-p Check the Protected Password database. A number of
tests are performed. The Protected Password and
/etc/passwd are checked for completeness such that
neither contains entries not in the other. Once this
is done, the fields common to the Protected Password
database and /etc/passwd are checked to make sure they
agree. Then, fields in the Protected Password database
are checked for reasonable values. For instance, all
time stamps of past events are checked to make sure
they have times less than that returned by time(S).
-t The fields in the Terminal Control database are checked
for reasonable values. All time stamps of past events
are checked to make sure they have times less than
returned by time.
-s The Protected Subsystem database files are checked to
ensure they correctly reflect the subsystem
authorization entries in the Protected Password
database. Each name listed in each subsystem file is
verified against the Protected Password entry with the
same name, so that no authorization is inconsistent
between the files. Also, each Protected Password entry
is scanned to ensure that all the privileges listed do
in fact get reflected in the Protected Subsystem
database. If any inconsistencies are found, the
administrator is given the option of fixing the
Subsystem database automatically.
-a This option is shorthand for turning on all the -p, -t,
and -s, options.
-v This options provides running diagnostics as the
program proceeds. It also produces warnings on events
that should not occur but otherwise do not harm the
Authentication database and the routines operating on
it.
Files
/etc/passwd - System password file
/tcb/files/auth/*/* - Protected Password database
/etc/auth/system/ttys - Terminal Control database
/etc/auth/system/files - File Control database
/etc/auth/subsystems/* - Protected Subsystem database
/etc/auth/system/default - System Defaults database
See Also
integrity(ADM), getprpwent(S), getprtcent(S), getprfient(S),
getprdfent(S), authcap(F), subsystem(S), ``Maintaining
System Security,'' chapter of the System Administrator's
Guide
Value Added
authck is an extension of AT&T System V provided by the
Santa Cruz Operation.
(printed 8/23/89) AUTHCK(ADM)