|
|
HP-UX Reference > Uuserdbset(1M)HP-UX 11i Version 2: December 2007 Update |
|
NAMEuserdbset — modify information in the user database, /var/adm/userdb SYNOPSIS/usr/sbin/userdbset -u name attr=value [attr=value ...] /usr/sbin/userdbset -d -u name [-i] /usr/sbin/userdbset -d -u name attr [attr...] /usr/sbin/userdbset -d -a attr [attr...] /usr/sbin/userdbset [-u name] -f filename DESCRIPTIONuserdbset modifies the per-user information residing in the user database, /var/adm/userdb. A per-user value in the user database overrides any system-wide default configured in /etc/default/security. See userdb(4) and security(4) for more details about the user database and system-wide defaults, respectively. If one or more attr=value arguments are specified on the command line, userdbget initializes or modifies each attribute specified by attr to the specified value for the specified user name. OptionsThe following options are recognized:
AuthorizationsIn order to invoke userdbset, the user must either be root (running with effective uid of 0) or, if the Role-Based Access Control (RBAC) version B.11.23.04 is installed, have the appropriate authorization(s). Users with the appropriate authorizations can use userdbset to add, modify or delete security attributes for other users, but are prohibited from changing the security attributes for local root users. Only root users can add, modify or delete the security attributes of local root users. When the RBAC B.11.23.04 product is installed, the following is a list of the required authorizations for running userdbset with particular options:
Notesuserdbset validates attributes and attribute values based on information in /etc/security.dsc. The validation of an attribute fails if:
RETURN VALUEuserdbset exits with one of the following values:
EXAMPLESIn the following example, the first command deletes all of the configurable attributes for user joe, while retaining the internal attributes. At this point, the system-wide defaults in /etc/default/security apply. The second command sets joe's minimum password length to 7 and UMASK to 0022 (the leading zero denotes an octal value). /usr/sbin/userdbset -d -u joe /usr/sbin/userdbset -u joe MIN_PASSWORD_LENGTH=7 UMASK=0022 The next command deletes the minimum password length, which causes the system-wide default to be used. /usr/sbin/userdbset -d -u amy MIN_PASSWORD_LENGTH The following example deletes the user-specific audit flag for all users. The system-wide default will then apply for all users. /usr/sbin/userdbset -d -a AUDIT_FLAG The following example saves the configurable attributes for all users (-a option) into a file, saved_attributes.txt, using the userdbget command. If needed, the attributes can then be restored at a later point by importing the file with userdbset. The second command imports the configurable attributes into the user database. /usr/sbin/userdbget -a > saved_attributes.txt /usr/sbin/userdbset -f saved_attributes.txt |
|