authck(8)authck(8)NAMEauthck - Checks internal consistency of the authentication databases
(Enhanced Security)
SYNOPSIS
/tcb/bin/authck [options]
OPTIONS
Note
At least one of the -a, -p, -t, or -f options is required.
Turns on the -p, -t, and -f options collectively. Examines the file
control database for syntax and value specification errors. Each entry
is examined to verify that the syntax is correct and that values such
as user names, group names, modes, object types, and other security
attributes, depending on the system configuration, are valid. Checks
are also made to ensure that continuation lines are handled properly in
ASCII files and that each entry is terminated with the chkent field.
Errors detected in the file control database cannot be corrected by
authck since in most cases the command is unable to determine what the
entry should contain. Instead, errors are detected and correction of
these errors is left to the system administrator. Checks the protected
password database (user profiles). The cross-references between the
protected password database and /etc/passwd are checked to make sure
that they are mutually consistent. Then fields in the protected pass‐
word database are checked for reasonable values. For instance, all
timestamps of past events are checked to make sure that they have times
less than the times returned by time(). Checks the fields in the ter‐
minal control database for reasonable values. All timestamps of past
events are checked to make sure they have times less than those
returned by time(). Provides running diagnostics as the program pro‐
ceeds. It also produces warnings on unusual conditions that may not
cause program errors.
DESCRIPTION
The authck program checks both the overall structure and internal field
consistency of all components of the authentication databases. It
reports all problems it finds. To invoke this program you must log in
as root.
EXIT VALUES
If authck did not detect any inconsistencies, it exits with a status of
0 (zero). If the user is not authorized, authck exits with a status of
1. If the user specifies the wrong argument syntax, authck exits with a
status of 2. Otherwise, authck exits with status equal to the number
of inconsistencies found.
FILES
Specifies the command path. System password file. Protected password
database. File control database. Terminal control database. System
defaults database.
SEE ALSO
Functions: getprdfent(3), getprpwent(3), getprtcent(3), getprfient(3)
Files: authcap(4), default(4), files(4), prpasswd(4), ttys(4)authck(8)