tcbck(ADM)


tcbck, smmck, authckrc -- trusted computing base checker, single-user mode tcb check script, multiuser mode tcb check script

Syntax

tcbck

Description

tcbck checks the files in the trusted computing base for files that were caught in the process of being updated when the system went down, and for files that have been removed. tcbck is invoked by the scripts smmck during system maintenance mode, and by authckrc when the system enters multiuser mode. The check proceeds as follows:

  1. smmck runs tcbck to clean up any database files that were left in an interim state while being updated (files are created with -o (old) and -t (new) suffixes, respectively). When this process is interrupted, -o and -t files are left and must be reconciled before the system will function properly. tcbck checks the /etc/auth/system, /etc/auth/subsystems, /tcb/files/auth/* directories and the /etc/passwd and the /etc/group files. If there are multiple versions of a file, the extra files are removed. When a -t file is found, the following is displayed:
    /etc/tcbck: file file missing, saved file-t as file
    
    This message is repeated for all files found in that state in the specified directories.

  2. tcbck then checks that key system files are present and that they are not of zero length. If a file is missing (or zero length) then a message similar to this is displayed:
    /etc/tcbck: file file is missing or zero length
    
    This process is repeated for each of the following files:

    /etc/auth/system/default +
    /etc/auth/system/files
    /etc/auth/system/devassign
    /etc/auth/system/authorize +
    /tcb/files/auth/r/root +
    /etc/group
    /etc/passwd +

    When this process is complete, if any files were missing or empty -t files were substituted for real files, the following message is displayed:

    /etc/smmck: restore missing files from backup or distribution.
    

  3. If critical database files have been removed or corrupted (files marked with a dagger (+) in the previous file list are considered critical) then the system enters maintenance mode automatically without asking for the root password. If no critical database files were lost, the system prompts for maintenance mode or normal operation.

  4. tcbck then removes the files /etc/auth/system/pw_id_map and /etc/auth/system/gr_id_map because the modification times of these files are compared with those of /etc/passwd and /etc/group and problems can occur when the system clock is reset. tcbck then tries to rebuild the map files using cps (see fixmog(ADM)). If this fails then either the File Control database (/etc/auth/system/files) is missing, or the the File Control database entry for ``/'' is missing, or there are syntax errors in /etc/passwd, or /etc/group.

  5. After the system goes to init level 2, authckrc reinvokes tcbck to confirm that the files reported missing previously have been restored: Any missing files are listed, followed by this message:
    /etc/authckrc: Log in on the OVERRIDE tty and restore
          the missing files from a backup or the distribution disks.
    
    Missing files will have to be replaced when the system comes up multiuser.

  6. authckrc then runs passwdupd to check that all users in /etc/passwd have Protected Password database entries. authck(ADM) is then run to check the subsystem databases for errors. Any errors found are repaired automatically. Finally, ttyupd(ADM) is run to check that all ttys in /etc/inittab have entries in the Terminal Control database (/etc/auth/system/ttys).

Limitations

authckrc, tcbck, and smmck can only be run as root.

Standards conformance

tcbck, smmck and authckrc are not part of any currently supported standard; they are an extension of AT&T System V provided by The Santa Cruz Operation, Inc.
© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 03 June 2005