Manualshelf

HP-UX System Administrator's Guide: Configuration Management

ManualsBrandsHP ManualsSoftwareHP-UX System Administration
61626364656667686970
(Description)
--------------------------------------------------------------------
ALLOW_NULL_PASSWORD [0...1 , 1 ]: default____________
(Allow login with null password? (0=No 1=Yes))
...
UMASK [0...511, 0 ]: default____________
(Default umask (leading zero denotes octal value))
[ Modify ] [ Preview ] [ Cancel ] [ Help ]
7. Make the changes you want in the spaces provided.
8. (Optional) Select Preview to see the commands that will modify the attributes.
Press OK to continue.
9. Select Modify to change the attributes or Cancel to quit the process.
10. The changes from the default values are shown in the User Value column.
Controlling File Access
Working groups, file permissions, and file ownership all determine who can access a
given file. See also the HP-UX System Administrator’s Guide: Security Management.
Defining Group Membership
Users on your system can be divided into working groups so that files owned by
members of a given group can be shared and yet remain protected from access by users
who are not members of the group. A user’s primary group membership number is
included as one entry in the /etc/passwd file. Group information is defined in /etc/
group and/etc/logingroup.
Users who are members of more than one group, as specified in /etc/group, can
change their current group with the /usr/bin/newgrp command. You do not need
to use the newgrp command if user groups are defined in /etc/logingroup. If you
do not divide the users of your system into separate working groups, it is customary
to set up one group (usually called users) and assign all users of your system to that
group.
You can use HP SMH to add, remove, or modify group membership.
To manually change group membership, edit /etc/group and optionally /etc/
logingroup with a text editor, such as vi. Although you can enter a group-level
password in /etc/group, it is not recommended. To avoid maintaining multiple files,
you can link /etc/logingroup to /etc/group. For details on the /etc/group and
/etc/logingroup files, see the group(4) manpage. For information on linking files,
see the link(1M) and ln(1)manpages.
You can assign special privileges to a group of users using the
/usr/sbin/setprivgrp command. For more information, see chown(1), getprivgrp(1),
setprivgrp(1M), chown(2), getprivgrp(2), lockf(2), plock(2), plock(2), rtprio(2), setgid(2),
setgid(2), setprivgrp(2), setuid(2), shmctl(2), and shmctl(2).
Controlling File Access 67