HP-UX Reference (11i v1 00/12) - 4 File Formats (vol 8)
__________________________________________________________________________________________________________________________________________________________________________________________________
__________________________________________________________________________________________________________________________________________________________________________________________________
STANDARD Printed by: Nora Chuang [nchuang] STANDARD
/build/1111/BRICK/man4/!!!intro.4
________________________________________________________________
___ ___
s
security(4) security(4)
NAME
security - security defaults configuration file
DESCRIPTION
A number of system commands and features are configured based on certain parameters defined in the
/etc/default/security configuration file. This file must be world readable and root writable.
Each line in the file is treated either as a comment or as configuration information for a given system com-
mand or feature. Comments are denoted by a # at the beginning of a line. Noncomment lines are of the
form, parameter=value.
If any parameter is not defined or is commented out in this file, the default behavior detailed below will
apply.
Parameter definitions, valid values, and defaults are defined as follows:
ABORT_LOGIN_ON_MISSING_HOMEDIR
This parameter controls login behavior if a user’s home directory does not exist. This is
applicable only for non-root users.
ABORT_LOGIN_ON_MISSING_HOMEDIR=0
Login with ’/’ as the home directory if
the user’s home directory does not exist.
ABORT_LOGIN_ON_MISSING_HOMEDIR=1
Exit the login session if the user’s home
directory does not exist.
Default value:
ABORT_LOGIN_ON_MISSING_HOMEDIR=0
MIN_PASSWORD_LENGTH
This parameter controls the minimum length of new passwords. It is not applicable to the
root user on a untrusted system.
MIN_PASSWORD_LENGTH=
N New passwords must contain at least N characters. For
untrusted systems N can be any value from 6 to 8. For trusted systems N can be any value
from 6 to 80.
Default value:
MIN_PASSWORD_LENGTH=6
NOLOGIN
This parameter controls whether non-root login can be disabled by the /etc/nologin
file.
NOLOGIN=0 Ignore the /etc/nologin file and do not exit if the /etc/nologin
file exists.
NOLOGIN=1 Display the contents of the /etc/nologin file and exit if the
/etc/nologin file exists.
Default value: NOLOGIN=0
NUMBER_OF_LOGINS_ALLOWED
This parameter controls the number of logins allowed per user. This is applicable only for
non-root users.
NUMBER_OF_LOGINS_ALLOWED=0
Any number of logins are allowed per user.
NUMBER_OF_LOGINS_ALLOWED=N
N number of logins are allowed per user.
Default value:
NUMBER_OF_LOGINS_ALLOWED=0
PASSWORD_HISTORY_DEPTH
This parameter controls the password history depth. A new password is checked only
against the number of most recently used passwords stored in password history for a partic-
ular user. A user is not allowed to re-use a previously used password.
PASSWORD_HISTORY_DEPTH=N A new password is checked against only the N most
recently used passwords for a particular user.
A configuration of password history depth of 2 prevents users from alternating between two
passwords. The maximum password history depth supported is 10 and the minimum pass-
word history depth supported is 1. A depth configuration of more than 10 will be treated as
10, and a depth configuration of less than 1 will be treated as 1.
HP-UX Release 11i: December 2000 − 1 − Section 4−−273
___
___