uot;.

6. "Access a Root Volume Group".

7. "Continue".

8. "Access the Volume Group and start a shell".

root.

9. SMIT .

11. sync .

12. shutdown -F.

13. NORMAL.

14. ( ). root.

, "" (1) RS/6000, (2) " " ( CD-ROM), AIX.

, AIX, .

Firewall

"Firewall" , . - Internet. firewall , "" FTP .

"", , inetd.

X Window

X Window - . X Window.

X Window

- ; - . - , ( ) . . , .

:

1. xhost, . , , ( ).

2. , /etc/Xn.hosts, n 0, 1, 2, ... ( ) , , . /etc/X?.hosts .

, xhost, XWindow . , xhost , - , - .

XWindow , , , , .

1. , .

2. , .

3. .

4. SVTX .

5. , UNIX AIX, , .

- .

"" UNIX , ( /etc/passwd /etc/group). UNIX ( ), mkuser, .

AIX, UNIX, . AIX - SMIT.

AIX, , mkuser . , SMIT.

( ), ( ), ( ), ( ) ..

AIX , , , UNIX.

SMIT , . SMIT!

, " UNIX" ( /etc/passwd). . .

: NIS.

, .

:

/etc/profile , . , TERM, MAILMSG, MAIL.

/etc/environment . : HOME, LANG, TZ, NLSPATH.

$HOME/.profile . /etc/profile.

getty init ODM
login /etc/security/login.cfg
/etc/passwd /etc/security/passwd /etc/security/failedlogin
/etc/security/environ,/etc/security/limits, /etc/security/user
/etc/motd $HOME/.hushlogin
shell
/etc/environment, /etc/profile $HOME/.profile

init getty .

SMIT

SMIT . SMIT. , .

smit
Security and Users
Users
ADD a User
1 * User NAME [alex]
2 User ID [ ]
3 ADMINISTRATIVE User? false
4 Primary GROUP [staff]
5 Group SET [staff]
6 ADMINISTRATIVE GROUPS []
7 Another user can SU TO USER true
8 SU GROUPS [ALL]
9 HOME Directory [/usr/guest]
10 Initial PROGRAM []
11 User INFORMATION []
12 EXPIRATION date (MMDDhhmmyy) 0
13 Is this user ACCOUNT LOCKED? false
14 User can LOGIN? true
15 User can LOGIN REMOTELY? true
16 Allowed LOGIN TIMES
17 Number of FAILED LOGINS before [0] user account is locked
18 Login AUTHENTICATION GRAMMAR [compat]
19 Valid TTYs [ALL]
20 Days WARN USER before pw expires [0]
21 Password CHECK METHODS []
22 Password DICTIONARY FILES []
23 Number of PASSWORDS before reuse [0]
24 WEEKS before password reuse [0]
25 Weeks between pw expire & lockout[-1]
26 Password MAX. AGE [0]
27 Password MIN. AGE [0]
28 Password MIN. ALPHA characters [0]
29 Password MIN. OTHER characters [0]
30 Password MAX. REPEATED chars [0]
31 Password MIN. DIFFERENT chars [0]
32 Password REGISTRY []
33 MAX FILE Size [2097151]
34 MAX CPU Time [-1]
35 MAX DATA Segment [262144]
36 MAX STACK Size [65536]
37 MAX CORE File Size [2048]
38 File creation UMASK [22]
39 AUDIT classes []
40 Trusted path? nosak
41 PRIMARY Authentication Method [SYSTEM]
42 SECONDARY Authentication [NONE]

( 1 42) , . .

userid ( 1, User NAME) . Userid . ( 2) - UID. SMIT UID; . .

( 3 6) . ( "false" ) .

( 14) , ( 7,8 15). . , bin, , . - root, . /etc/security/user . /etc/passwd, .

SU ( 8), SU ( 7), ( 15) , . ( ) . .

SU , , su. root su , false. SU true, SU , su . , su . root, root su . all - , ( , , su userid.)

rlogin telnet TCP/IP. true ( ), , telnet, . ftp TCP/IP.

( 10) - ( ) , , . - , /usr/ksh. ( ), /etc/security/mkuser.default.

( 12) 0 ( ). . "0330000099" (MMDDhhmmyy). , . .

( 13) false, , userid. ( , .)

, ( 16). , /etc/security/user (. /etc/security/user). .

TTYs ( 19) , ( -, telnet ). , /dev/tty1. "!" , . ALL , . , . , root , .

WARN USER ( 20) , . , ( 25). , .

( 18) "compat". .

( 21 - 31) . , . - ( 32). DCE .

( 33 37) - .

( 33) - ulimit. Ulimit - ( 512 ) , . ulimit, , SMIT. , SMIT - 8192. , - ; , .

( 34) . . , AIX. .

UMASK ( 38) - umask . umask.

39-42 ( , , , ) .

( SMIT, ) :

1. /etc/passwd , .

2. /etc/security/passwd .

3. /etc/security/user , .

4. /etc/group , .

5. /etc/security/limits , .

6. /etc/security/.ids , UID.

7. /home , .

, , . , ( 26) .

/etc/security/user. . root, ( vi ) .

, , , . , SMIT.

42 , SMIT , 30 /etc/security/user.

/etc/security/limits , ( .) .

. . , .

/etc/security/user /etc/security/limits , ; , .

UNIX /etc/passwd. . . , UID , , , ( ) .

/etc/passwd , UID ( ) userid ( ). /etc/passwd . . , , , . , , .

UNIX ( UNIX, AIX) . , . . , , UNIX. . /etc/passwd, .

: () . "" .

AIX /etc/security/passwd. /etc/passwd ( ):

1. () . () , userid.

2. . , userid . (AIX /etc/security/user, , , .)

3. . , /etc/security/passwd. - AIX.

4. ( 13 ).

/etc/passwd, /etc/security/passwd. AIX , /etc/passwd.

SMIT passwd /etc/passwd /etc/security/passwd.

/etc/security. " ''.

SMIT, , ( ) /etc/passwd . ( root) SMIT passwd .

(root), ( ADMCHG /etc/security/passwd , ). .

passwd - UNIX . , , root .

SMIT ; passwd .

SMIT . , , , SMIT .

, , ( ).

, userid , , . , passwd , SMIT.

, ( root) . .

? , , . , "", , "" .

:

1. ( ) .

2. , . , , .

, .

"" . ; . "c" :

1. .

2. , . root .

3. .

4. , , .

5. .

6. ; - , .

7. , . .

8. , .

9. , .

10. , , "" .

11. ( ), , , ( , "l" "1" "o" "0'').

12. - .

13. .

14. AIX . .

, , /etc/security/user .

, SMIT. :

            recommended default
minage      0            0 (weeks. Use 0)
maxage      12           0 (maximum age in weeks)
maxexpired  4            0 (weeks after expire)
minalpha    1            0 (alpha characters)
minother    1            0 (non-alpha characters)
minlen      6            0 (minimum length)
mindiff     3            0 (different from last pw)
maxrepeats  3            8 (repeated characters)
histexpire  26           0 (prohibit reuse, weeks)
histsize    8            0 (number of old passwords)
pwdwarntime 14           0 (warning time, days)

. , "" UNIX.

Maxage/minage / ( ). - 0 , , . , minage. .

maxage root system. . , "". , .

pwdwarntime ( ) AIX , . "" .

maxrepeats, mindiff, minlen, minalpha, minother . , , , , , , , .

AIX , ( /etc/security/pwdhist.dir /etc/security/pwdhist.pag). histexpire , , .

histsize , , .

AIX . ( dictionlist=) ( pwdchecks=) .

/usr/share/dict/words ( ) . SMIT /etc/security/user.

,

, , . , /etc/security.

1. /etc/security/.ids . mkuser , uid/gid. , () SMIT.

:

6 221 12 206

: 6 = uid
221 = uid
12 = gid
206 = gid

2. /etc/group .

3. /etc/security/group , admin adms.

4. /etc/security/login.cfg . . . . :

) , . ( ) . . dial-in "" .
) sak_enabled - .
) auth_method ( , AIX) - .
) ( ) . . , .
) usw - chsh - . .
) maxlogins - , ( chlicense, AIX).
) logintimeout - .

5. /etc/passwd .

6. /etc/security/passwd , , , , ( , ).

7. /etc/passwd.dir /etc/passwd.pag mkpasswd , userid . .

8. /etc/security/user .

9. /etc/security/environ .

10. /etc/security/limits .

11. /usr/lib/security/mkuser.default , . . , (), .

12. /etc/security/failedlogin . who:

who -a /etc/security/failedlogin >> /tmp/check

/tmp/check. . , . , , userid ( userid, /etc/passwd). userid UNKNOWN.

13. /etc/security/lastlog ( ). . , ( () ).

14. /etc/security/.profile - $HOME/.profile . . , , /etc/security, . "" "o" . , /etc/security/limits /etc/security/olimits.

, , ps -ef.

# ps -ef
USER PID  PPID C STIME TTY TIME CMD
root 1    0    0 02 Jan    -    1:30 /etc/init
root 1360 1    0 02 jan    -    0:00 /usr/sbin/srcmstr
root 3329 1    0 02 Jan    -    0:00 /usr/lib/errdaemon
root 2563 1360 0 02 Jan    -    0:00 /usr/lpp/info/bin/infod
root 4317 1    0 02 Jan    -    0:00 /usr/sbin/cron
root 7904 1360 0 02 Jan    -    0:00 /usr/sbin/qdaemon
root 8460 1360 0 02 Jan    -    0:00 /usr/sbin/writesrv

foreground ( Ctrl+C).
background kill.
crontab crontab .
cron /etc/inittab chitab.

() skulker

AIX /usr/sbin/skulker, skulker. - , .

skulker ( - root), ( cron). cron AIX.

/var/spool/cron/crontabs/root cron, , , .

skulker:

;
, ;
/tmp, ;
/var/tmp, ;
*.bak, .*.bak, a.out, core, proof, galley, ...*, ed.hup ( ), ;
.putdir, .

skulker, . root, .

cron at

, , , cron. /etc/inittab.

cron :

- crontab;
, - at;
, , - batch.

/var/adm/cron/queuedefs. AIX crontab cron. cron , crontab , , cron .

AIX cron ( crontab) , root, UNIX .

(user) crontab /var/spool/cron/crontabs/user. crontab :

    _ 

, cron . , ,