TCBCK(ADM) UNIX System V
Name
tcbck, smmck, authckrc - trusted computing base checker
Syntax
tcbck
Description
tcbck checks the files in the trusted computing base for
files that were caught in the process of being updated when
the system went down, and for files that have been removed.
tcbck is invoked by the scripts smmck during system
maintenance mode, and by authckrc when the system enters
multi-user mode. The check proceeds as follows:
1. smmck runs tcbck to clean up any database files that
were left in an interim state while being updated
(files are created with -o (old) and -t (new) suffixes,
respectively). When this process is interrupted, -o
and -t files are left and must be reconciled before the
system will function properly. tcbck checks the
/etc/auth/system, /etc/auth/subsystems,
/tcb/files/auth/* directories and the /etc/passwd and
the /etc/group files. If there are multiple versions
of a file, the extra files are removed. When a -t file
is found, the following is displayed:
/etc/tcbck: file file missing, saved file-t as file
This message is repeated for all files found in that
state in the specified directories.
2. tcbck then checks that key system files are present and
that they are not of zero length. If a file is missing
(or zero length) then a message similar to this is
displayed:
/etc/tcbck: file file is missing or zero length
This process is repeated for each of the following
files:
/etc/auth/system/default-
/etc/auth/system/files
/etc/auth/system/devassign
/etc/auth/system/authorize-
/tcb/files/auth/r/root-
/etc/group
/etc/passwd-
When this process is complete, if any files were missing or
empty -t files were substituted for real files, the
following message is displayed:
/etc/smmck: restore missing files from backup or distribution.
3. If critical database files have been removed or corrupted
(files marked with a dagger (-) in the previous file list
are considered critical) then the system enters maintenance
mode automatically without asking for the root password. If
no critical database files were lost, the system prompts for
maintenance mode or normal operation.
4. tcbck then removes /etc/auth/system/pw_id_map and
/etc/auth/system/gr_id_map because the modification times of
these files are compared with that of /etc/passwd and
/etc/group and problems can occur when the system clock is
reset. tcbck then tries to rebuild the map files using
cps(ADM). If this fails then either the File Control
database (/etc/auth/system/files) is missing, or the the
File Control database entry for ``/'' is missing, or there
are syntax errors in /etc/passwd, or /etc/group.
5. After the system goes to init level 2, authckrc reinvokes
tcbck to confirm that the files reported missing previously
have been restored: Any missing files are listed, followed
by this message:
/etc/authckrc: Log in on the OVERRIDE tty and restore
the missing files from a backup or the distribution disks.
Missing files will have to be replaced when the system comes
up multi-user.
6. authckrc then runs passwdupd(ADM) to check that all users in
/etc/passwd have Protected Password database entries.
authck(ADM) is then run to check the subsystem databases for
errors. Any errors found are repaired automatically.
Finally, ttysupd(ADM) is run to check that all ttys in
/etc/inittab have entries in the Terminal Control database
(/etc/auth/system/ttys).
Notes
authckrc , tcbck , and smmck can only be run as root.
Value Added
tcbck is an extension of AT&T System V provided by the Santa
Cruz Operation.
(printed 12/11/90) TCBCK(ADM)