Re: default stanza in AIX 5.2 /etc/security/limits?

On May 2, 2006, at 7:27 PM, Lamar Saxon wrote:

From an lslpp -w /etc/security/limits it looks like it is part of the
bos.rte.security package. If you have a base level package can you not
extract the files to say a temp directory and see it from the
installation media like:

cd /tmp
restore -f /usr/sys/inst.images/bos.rte.security.<base level fileset>

Maybe chsec would be a better command for default stanza, though I have
never tried it.

Thanks for that idea ... I hadn't thought about doing it that way. Two problems, though:

* Running restore -f from inside of /tmp overwrote the perms on that filesystem with the perms of the file "./" inside the archive. I should have known that would happen, but I put it here as a warning to others.

* Though lslpp -w /etc/security/limits shows it is from the bos.rte.security fileset, and lslpp -f bos.rte.security shows that / etc/security/limits is a file from that fileset, when I go to extract or just list the contents of my bos.rte.security fileset from the install medium, I don't see that (or any /etc/security files) in there.

[root:/tmp/bos.rte.security] # restore -Tq -f /usr/sys/inst.images/ AIX-5.2/all/bos.rte.se>
New volume on /usr/sys/inst.images/AIX-5.2/all/bos.rte.security. 5.2.0.10.U:
Cluster size is 51200 bytes (100 blocks).
The volume number is 1.
The backup date is: Thu Mar 27 14:04:13 PST 2003
Files are backed up by name.
The user is BUILD.
./
./lpp_name
./usr
./usr/lpp
./usr/lpp/bos/bos.rte.security/5.2.0.10
./usr/lpp/bos/bos.rte.security/5.2.0.10/liblpp.a
./usr/bin/aclput
./usr/bin/chfn
./usr/bin/chgroup
./usr/bin/chgrp
./usr/bin/chrole
./usr/bin/chsh
./usr/bin/chuser
./usr/bin/lssec
./usr/bin/mkgroup
./usr/bin/mkrole
./usr/bin/mkuser
./usr/bin/passwd
./usr/bin/su
./usr/bin/tcbck
./usr/bin/usrck
./usr/lib/drivers/random
./usr/lib/security/acl/jfs
./usr/lib/security/acl/jfs_64
./usr/lib/security/LDAP
./usr/lib/security/LDAP64
./usr/sbin/flush-secldapclntd
./usr/sbin/isCChost
./usr/sbin/lsCCadmin
./usr/sbin/ls-secldapclntd
./usr/sbin/lsgroup
./usr/sbin/lsuser
./usr/sbin/mksecldap
./usr/sbin/nistoldif
./usr/sbin/randomctl
./usr/sbin/rmCCadmin
./usr/sbin/rmgroup
./usr/sbin/rmuser
./usr/sbin/secldapclntd
./usr/sbin/sectoldif
./usr/sbin/tsm
./usr/sbin/useradd
./usr/sbin/usermod
./usr/lib/security/PAM
./usr/lib/security/KRB5A
The number of archived files is 45.

As for the chsec command, that looks to be the one to use, specifically with the "-s default" flag. Thanks!

-s-



Lamar

-----Original Message-----
From: IBM AIX Discussion List [mailto:aix-l@xxxxxxxxxxxxx] On Behalf Of
Sandor W. Sklar
Sent: Tuesday, May 02, 2006 7:58 PM
To: aix-l@xxxxxxxxxxxxx
Subject: default stanza in AIX 5.2 /etc/security/limits?

Can anyone send me the "default" default stanza from an AIX 5.2
system's /etc/security/limits? I'd like to compare my values, but I
don't have any systems where those files are "fresh" on. I also
assumed I could find this info via Google, but that doesn't seem to
be the case.

Also, all the documentation (including "man limits") says that you
shouldn't edit the file directly, but instead use the chuser
command. There is no info on how one would go about changing the
values in the "default" stanza though, so is that a hole in IBM's
documentation, or is there a command that I don't know about?

Thanks,
-- Sandy



Privileged and Confidential. This e-mail, and any attachments there to, is intended only for use by the addressee(s) named herein and may contain privileged or confidential information. If you have received this e-mail in error, please notify me immediately by a return e-mail and delete this e-mail. You are hereby notified that any dissemination, distribution or copying of this e-mail and/ or any attachments thereto, is strictly prohibited.

Relevant Pages

  • Re: default stanza in AIX 5.2 /etc/security/limits?
    ... Sorry about the /tmp permissions issue. ... I usually extract to a directory like ... Maybe chsec would be a better command for default stanza, ...
    (AIX-L)
  • Re: default stanza in AIX 5.2 /etc/security/limits?
    ... If you have a base level package can you not ... extract the files to say a temp directory and see it from the ... Maybe chsec would be a better command for default stanza, ... default stanza in AIX 5.2 /etc/security/limits? ...
    (AIX-L)
  • Re: default stanza in AIX 5.2 /etc/security/limits?
    ... I usually extract to a directory like ... Maybe chsec would be a better command for default stanza, ... This e-mail, and any attachments there to, is intended only for use by the addresseenamed herein and may contain privileged or confidential information. ... You are hereby notified that any dissemination, distribution or copying of this e-mail and/ or any attachments thereto, is strictly prohibited. ...
    (AIX-L)
  • Problems using Expect to parse a file
    ... I'm trying to write a script to automate a program called DeltaE, a powerful thermoacoustic design tool, and to extract performance data from the simulations it runs by parsing through its output files. ... Less, on the other hand, remains open upon reaching the end of a file until it receives the "q" command, so I tried writing a script to step through the file using that, as follows: ... The trouble now is, although manually executing the command "less -c data/1.out" at a tty functions just as you would expect it to, when Expect sends the exact same command as part of the spawn process, and running the script with exp_internal true, apparently none of the data sent to the display by less when started normally is being seen by Expect - all it seems to get is "No tags file\r\n", followed by eof and closure of Less - I'm afraid I haven't a clue what the "No tags file" statement means. ...
    (comp.lang.tcl)
  • Re: Using GZip decompression in VB 6
    ... Decompress the gzip file. ... In the above commands /C after the cmd.exe means for the Command promtp ... Also, do not hardcode the path and name of the Command prompt EXE, if you ... then extract it. ...
    (comp.lang.basic.visual.misc)
Loading