Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 HP-UX Reference > U

userdbset(1M)

HP-UX 11i Version 3: February 2007
» 

Technical documentation

» Feedback
Content starts here

 » Table of Contents

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

NAME

userdbset — modify information in the user database, /var/adm/userdb

SYNOPSIS

/usr/sbin/userdbset -u name attr=value [attr=value]...

/usr/sbin/userdbset -d -u name [-i]

/usr/sbin/userdbset -d -u name attr [attr]...

/usr/sbin/userdbset -d -a attr [attr]...

/usr/sbin/userdbset [-u name] -f filename

DESCRIPTION

userdbset modifies the per-user information residing in the user database, /var/adm/userdb. A per-user value in the user database overrides any system-wide default configured in /etc/default/security. See userdb(4) and security(4) for more details about the user database and system-wide defaults, respectively.

If one or more attr=value arguments are specified on the command line, userdbget initializes or modifies each attribute specified by attr to the specified value for the specified user name.

Options

The following options are recognized:

-a

Modify specified attributes for all users.

-d

Delete attributes; the /etc/default/security (see security(4)) system-wide default will then apply. If one or more attr arguments are specified, only those attributes are deleted. Otherwise, if no attr arguments are specified, all configurable attributes are deleted for the specified user name.

-f filename

Import the contents of filename into the user database. Each line in the data file, filename, must be in the following format: username attr=value. The output of userdbget is in this format and can be used as the input file. See the -f example in the EXAMPLES section.

-i

Remove internal attributes in addition to the configurable ones. Internal attributes are not user configurable and are normally modified only by programs that enforce system security. The file /etc/security.dsc indicates which attributes are configurable and which are internal.

-u name

Initialize, modify or delete specified attributes for the specified user name.

Notes

Only users who have read and write access to /var/adm/userdb can run userdbset.

userdbset validates attributes and attribute values based on information in /etc/security.dsc. The validation of an attribute fails if:

  • Any specified attr is not listed in /etc/security.dsc.

  • /etc/security.dsc does not allow a per-user value for the attr.

  • name is not a valid user.

  • /etc/security.dsc allows the attr only for local users, and name is not in /etc/passwd.

  • The value of an attr is not within the range specified in /etc/security.dsc.

RETURN VALUE

userdbset exits with one of the following values:

0

success

1

invalid user

2

invalid usage

3

insufficient permission to access the user database

4

file system error

5

invalid attribute; /etc/security.dsc does not allow a per-user value

6

an attribute value is not within the range specified in /etc/security.dsc

7

block overflow

8

entry overflow

9

database lock failure

10

database is disabled; see userdb(4)

11

invalid user name

12

not a local user

EXAMPLES

In the following example, the first command deletes all of the configurable attributes for user joe, while retaining the internal attributes. At this point, the system-wide defaults in /etc/default/security apply. The second command sets joe's minimum password length to 7 and UMASK to 0022 (the leading zero denotes an octal value).

/usr/sbin/userdbset -d -u joe /usr/sbin/userdbset -u joe MIN_PASSWORD_LENGTH=7 UMASK=0022

The next command deletes the minimum password length, which causes the system-wide default to be used.

/usr/sbin/userdbset -d -u amy MIN_PASSWORD_LENGTH

The following example deletes the user-specific audit flag for all users. The system-wide default will then apply for all users.

/usr/sbin/userdbset -d -a AUDIT_FLAG

The following example saves the configurable attributes for all users (-a option) into a file, saved_attributes.txt, using the userdbget command. If needed, the attributes can then be restored at a later point by importing the file with userdbset. The second command imports the configurable attributes into the user database.

/usr/sbin/userdbget -a > saved_attributes.txt /usr/sbin/userdbset -f saved_attributes.txt

FILES

/var/adm/userdb

user database

/etc/default/security

security defaults configuration file

/etc/security.dsc

security attributes description file

SEE ALSO

userdbck(1M), userdbget(1M), userdb_read(3), security(4), userdb(4).



userdbget
  		 


userdel  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 1983-2007 Hewlett-Packard Development Company, L.P.