.

Application Developer's Kit (ADK). Administrator Runtime Kit (ARK), , .

iFOR/LS :

Node Lock , , , . ( ID ).

Concurrent use "" , , .

Use once . 0 . (try and buy).

Compound . .

() , . , , () , , .

.

. , .

iFOR/LS , . iFOR/LS, .

:

Softstop , ,

Hardstop , . :

Wait . , .

Quit .

List .

Queue .

( ). . . . : 5-10 . AIX BOS login 15 .

""

"" :

1. iFOR/LS

2. NCS iFOR/LS

3. ( ) llbd dlbd netlsd

/usr/lib/netls/conf netls_config, .

Common Desktop Environment (CDE)

Common Desktop Environment (CDE)

CDE?

Common Desktop Environment (CDE) desktop - , IBM, HP, Sun, Novell . Desktop - , X11 release 5 OSF/Motif 1.2. .

CDE : , , .

, , . . .

CDE , . CDE , . , CDE.

, .

AIX. , .

X Window, OSF/MOTIF OPENLOOK.

CDE?

CDE

CDE UNIX, .

, .

, , , , , .

- .

, . , .

CDE X-OPEN, X11 release 5, OSF/MOTIF 1.2 Spec 1170.

CDE .

AIX CDE

/

, , .

OSF/MOTIF 1.2 ( ).

. . ; , , . . , , , , , .

, . , , .

, , , . ( drag and drop) .

. : , , , , .

CDE

Desktop - , SGML. API - . API .

CDE Desktop . , , , . desktop. , , man- ..

Desktop , . - Application Builder dtscript.

Dtscript - , Windowing Korn Shell.

Application Builder - , widgets CDE.

, drag and drop.

Desktop ( ). .

AIX - " ". , .

:

1. AIX;

2. ;

3. NFS ( NIS, ).

1. TCB.

2. root.

3. /etc/security/user:

pw_restrictions:
maxage = 12 (force change after 12 weeks)
maxrepeat = 3 (max three repeated characters)
minalpha = 1 (at least 1 alpha character)
mindiff = 3 (at least 3 different from last time)
minother = 1 (at least 1 nonalpha character)
maxexpired = 4 (allow logon 4 weeks after expired)
histexpire = 26 (prohibit reuse for 26 weeks)
histsize = 8 (prohibit reusing last 8 passwords)
pwdwarntime = 14 (start warning 14 days before expire)

4. . /etc/profile, :

TMOUT=1800 (for Korn shell)
TIMEOUT=1800 (for Borne shell)
export TIMEOUT TMOUT

. , 1800 , , 30 . , TMOUT TIMEOUT, .

5. .

6. skulker , , /tmp/dailyreport - .

7. securetcpip . rlogin , .

8. /var/adm/cron, cron.allow, cron.deny, at.allow, at.deny cron.

9. , .

10. , .

11. root . , root . , root.

12. . , , . .

13. dial-in . .

14. /etc/security/user. - . .

15. root , root. userid su root. / /var/adm/sulog .

16. mkuser.default.

17. SAK , , .

1. . . , - , .

2. " ", " " , ftp-. root, .

. ( ) "" , . "-" ( ) ( ) root.

3. , SMIT, , ( SMIT passwd). , , .

4. :

4.1. , , , .
4.2. .
4.3. .
4.4. . . , .
4.5. , (, /u/userid) - ( /tmp).
4.6. ( "") .

5. userid ( ) UID ( UID).

6. , su root . , ( PATH) . su root , , root.

7. , IFS ( ) . /etc/profile. IFS .

8. PATH root. PATH ( /etc/profile) a.profile root. a.profile .

9. umask . umask - 022, 027 ( "") . umask $HOME/.profile ( , umask ).

10. , , . , , su, ..

11. tcbck .

12. tcbck, ( ) suid .

13. /tmp/dailyreport , .

AIX ("") . AIX, ; .

- . ( AIX.)

, . ( ). .

, , . , , SMIT:

SMIT Security and Users Users Change/Show Characteristics of a User *User NAME [alex] ... PRIMARY Authentication Method [SYSTEM,SYSTEM;serg]

alex , , . , serg (, alex , ).

. SYSTEM , . , .

SYSTEM . ;serg, , .

ASCII :

/etc/passwd
/etc/group
/etc/security
/etc/security/passwd
/etc/security/user ,
/etc/security/limits
/etc/security/environ
/etc/security/login.cfg
/etc/security/group

/etc/passwd

/etc/passwd . . ():

# catr /etc/passwd
root:!:0:0::/:/bin/ksh
daemon:!:1:1::/etc:
bin:!:2:2::/bin:
sys:!:3:3::/usr/sys:
adm:!:4:4::/var/adm:
uucp:!:5:5::/usr/lib/uucp:
guest:!:100:100::/home/guest:
nobody:!:4294967294:4294967294::/: lpd:!:104:9::/:
alex:!:200:0:X7560 5th floor:/home/alex:/bin/ksh

, ":", :

- 8- - .
- UNIX . AIX "!" /etc/security/passwd. "*", , , , .
- .
- .
- .
- $HOME.
login - $SHELL.

/etc/security/passwd

root. login, passwd, pwdadm pwdck, root.

. .

():

# cat /etc/security/passwd
root:
    password=92t.mzJBjlfbY
    lastupdate=668124164
    flags=
daemon:
    password=*
bin:
    password=*
:
alex:
    password=q/qD6q.ss21x.
    lastupdate=666293529
    flags=ADMCHG,ADMIN,NOCHECK

:

password "*" .
lastupdate 1 1970 .
flags ADMCHG - root. ADMIN - root. NOCHECK - .

/etc/security/user

():

#cat /etc/security/user
default:
	admin=false
	login=true
	su=true
	daemon=true
	rlogin=true
	sugroups=ALL
	admgroups=
	ttys=ALL
	auth1=SYSTEM
	auth2=NONE
	tpath=nosak
	umask=022
	expires=0
	SYSTEM="compat"
	logintimes=
	pwdwarntime=0
	account_locked=false
	loginretries=0
	histexpire=0
	histsize=0
	minage=0
	maxage=0
	maxexpired=-1
	minalpha=0
	minother=0
	minlen=0
	mindiff=0
	maxrepeats=8
	dictionlist=
	pwdchecks=

:

admin . true false.
login , . true false.
su , su . true false.
daemon , cron (SRC). true false.
rlogin , . telnet rlogin. true false.
sugroups . "!" , . : , , ALL "*".
admgroups , . : , .
ttys , . "!" . : , , ALL "*".
auth1 , . login, telnet, rlogin su. SYSTEM;NAME1,SYSTEM;NAME2.
auth2 .
tpath . : nosak, notsh, always on.
umask umask . 027.
expires . : MMDDHHMMYY 0, . 0101000070 .
SYSTEM 4. . :

files .
compat NIS.
DCE (Distributed Computing Enviroment, DCE).

logintimes , . , , : [!] [MMdd[-MMdd]]:hhmm-hhmm [!] [MMdd[-MMdd][:hhmm-hhmm] [!] [w[-w]]:hhmm-hhmm [!] w[-w][:hhmm-hhmm] , MM - (00=, 11=), dd - , hh - (00-23), mm - w - (0=, 6=).
pwdwarntime . : 0 .
account_disable true, - . false.
logintries , . : 0 .
histexpire . : 0 260. - 26 ( 6- ).
histsize , . : 0 50.
minage . =0. 0 52. .
maxage pwdwarntime (.). . =0, . 0 52.
maxexpired , maxage, . =-1, . -1 52.
minalpha . =0. - 0 8.
minother . =0. - 0 8. minalpha minother 8. 8 minother 8 minalpha.
minlen . =0. - 0 8. minalpha+minother, , .
mindiff , . =0. - 0 8.
maxrepeats . =8, . - 0 8.
dictionlist "" . : . , . 7- ASCII. - , root. .
pwdchecks . : / /usr/lib. .

/etc/group /etc/security/group

#more /etc/group
system:!:0:root,alex
staff:!:1:alex
bin:!:2:root,bin
sys:!:3:root,bin,sys
adm:!:4:bin,adm
uucp:!:5:uucp
mail:!:6:
security:!:7:root
nobody:!:4294967294:nobody,lpd
usr:!:100:guest
accounts:!:200:alex

/etc/group :

8 - .
AIX 4- "!"
, .

#more /etc/security/group
system:
    admin=true
staff:
    admin=false
:
accounts:
    admin=false
    adms=alex

/etc/security/group . :
admin true false, .
adms , . admin=true, , root .

/etc/security/login.cfg

default:
:
herald="\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\nThis is the console. Restricted use only.\nlogin:
logintimes=
logindisable=0
logininterval=0
loginreenable=0
logindelay=0

.

:

herald . . herald , herald , /etc/environment.

logintimes .

logindisable . logininterval (.).

logininterval , logindisable.

loginreenable .

logindelay . . - 2, 2 , - 4, - 6 .

- "", . , .

1990 2- " " - "", . "-", 1992 "" ( ), .

"", Microsoft Windows NT Server, IBM AIX, IBM, Hewlett-Packard, Cisco, 3Com. "" - ( AIX, Oracle, SmartCity, Cisco).

E-mail: agb@krig.dp.ua