HP-UX Reference (11i v1 05/09) - 4 File Formats (vol 8)
d
default(4) default(4)
NAME
default - system default database file for a trusted system
SYNOPSIS
/tcb/files/auth/system/default
DESCRIPTION
The system default database is unique in that it defines system-wide global parameters for a trusted sys-
tem. It is designed to provide values for users and devices on a global scale rather than requiring an
administrator to replicate values in user or device databases when they are all the same. In addition to
being easier to specify global values, it is also much easier to make a global system change if necessary.
The system default database is made up of four types of values:
system-wide parameters These are parameters that do not have corresponding specifications in any
other trusted system database. If a system-wide parameter is not specified
in the default database, then it is undefined.
user parameters These parameters are typically specified in a protected password database
file.
terminal control parameters These parameters are typically specified in the terminal control database
file.
device assignment parameters These parameters are typically specified in the device assignment database
file.
System default parameters may be specified for fields found in the protected password, terminal control,
and device assignment databases. When a specific entry is retrieved from one of these databases, a struc-
ture called, ufld that contains all of the explicitly specified values, is provided to the caller. A second struc-
ture, called sfld, is also provided which defines those values supplied from the system default database.
Each of these structures has a corresponding flag structure called uflg and sflg, respectively, that indicates
which fields in each structure have been specified and are valid for use. Programs honor the user or device
specific value first if one is provided. Otherwise, the program may choose to use the system default value if
one has been specified. If neither value is specified, the program may supply a reasonable default value or
abort.
For descriptions of the specific fields provided by the protected password, terminal control, and device
assignment databases, see the corresponding manual pages listed in the SEE ALSO section for those data-
bases. The following fields are unique to the system default database and can not be specified in any of the
other system databases.
d_name This name is set to the string "default".
d_boot_authenticate
This flag field indicates whether or not boot authentication is required to
boot the machine. If authentication is required, it is performed by the sys-
tem init(1M) program prior to completing system boot.
EXAMPLES
The following is an example of a typical system default database. Refer to authcap(4) for descriptions of the
file and line formats.
default:\
:d_name=default:\
:d_boot_authenticate@:\
:u_pwd=*:\
:u_minchg#0:u_maxlen#10:u_exp#15724800:u_life#31449600:\
:u_pickpw@:u_genpwd@:u_restrict@:u_nullpw@:\
:u_genchars@:u_genletters@:\
:u_maxtries#5:u_lock:\
:t_logdelay#2:t_maxtries#10:\
:chkent:
This system default database defines the four different types of values which are supported. First, values
that can be assigned on a system-wide only basis are defined. Boot authentication at system startup is not
enabled. Login programs will provide password expiration warnings if the password expires in less than
604800 seconds from the current system time (this translates into 60*60*24*7 or 7 days).
Section 4−−40 Hewlett-Packard Company − 1 − HP-UX 11i Version 1: September 2005