?
Solved

aixpert and /etc/shadow

Posted on 2013-06-12
3
Medium Priority
?
1,784 Views
Last Modified: 2013-06-12
We are running some security tools over an AIX IBM System. When you have run the AIX IBM aixpert report, any idea where the actual report ends up? And in what format?

Also my admin is telling me there is no \etc\shadow file on the System? Is that even possible? Or could it be that due to the permissions they are logged onto the System that they cant see the \etc\shadow file?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 2000 total points
ID: 39240687
Hi,

aixpert writes all the successfully applied rules to

/etc/security/aixpert/core/appliedaixpert.xml

and the corresponding "undo" action rules to

/etc/security/aixpert/core/undo.xml

The format is XML.

You must use the "-o" flag of aixpert to set name and location of the file containing the security output.

If the AUDIT subsystem is enabled you can use the "-p" flag of aixpert to log the rules
processed into the audit subsystem.

And indeed, there is no /etc/shadow file on AIX.

The shadow file equivalent on AIX is /etc/security/passwd
0
 
LVL 3

Author Comment

by:pma111
ID: 39240707
If you have run AIXPERT as an audit type report as opposed to an "apply" these rules, does that show you what is non-compliant, is that saved to the same directory as mentioned above? Is the xml file a user freindly readable format (or do you need an accompanied style sheet to view the results)?
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 39240777
A  log of the comparison of the current settings against

/etc/security/aixpert/core/appliedaixpert.xml

(the only file you can use for comparison) is displayed in in simple text format on the terminal, like

...
Processing hls_ttdbserver :done.
Processing hls_cmsd :done.
Processing hls_rmsuidfrmrcmds : failed.
...
etc.

To create a file use redirection:

aixpert -c -p > /path/to/reportfile

Additionally, a verbose report (non-XML!) is created: /etc/security/aixpert/ check_report.txt

XML user friendly? Well, the opinions are divided, I assume.

Anyway, you can display the Document Type Description with

aixpert -d
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows 7 does not have the best desktop search built in. This is something Windows 7 users have struggled with. You type something in, and your search results don’t always match what you are looking for, or it doesn’t actually work at all. There ar…
In this article we will discuss all things related to StageFright bug, the most vulnerable bug of android devices.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Course of the Month8 days, 18 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question