Solved

aixpert and /etc/shadow

Posted on 2013-06-12
3
1,694 Views
Last Modified: 2013-06-12
We are running some security tools over an AIX IBM System. When you have run the AIX IBM aixpert report, any idea where the actual report ends up? And in what format?

Also my admin is telling me there is no \etc\shadow file on the System? Is that even possible? Or could it be that due to the permissions they are logged onto the System that they cant see the \etc\shadow file?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 39240687
Hi,

aixpert writes all the successfully applied rules to

/etc/security/aixpert/core/appliedaixpert.xml

and the corresponding "undo" action rules to

/etc/security/aixpert/core/undo.xml

The format is XML.

You must use the "-o" flag of aixpert to set name and location of the file containing the security output.

If the AUDIT subsystem is enabled you can use the "-p" flag of aixpert to log the rules
processed into the audit subsystem.

And indeed, there is no /etc/shadow file on AIX.

The shadow file equivalent on AIX is /etc/security/passwd
0
 
LVL 3

Author Comment

by:pma111
ID: 39240707
If you have run AIXPERT as an audit type report as opposed to an "apply" these rules, does that show you what is non-compliant, is that saved to the same directory as mentioned above? Is the xml file a user freindly readable format (or do you need an accompanied style sheet to view the results)?
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 39240777
A  log of the comparison of the current settings against

/etc/security/aixpert/core/appliedaixpert.xml

(the only file you can use for comparison) is displayed in in simple text format on the terminal, like

...
Processing hls_ttdbserver :done.
Processing hls_cmsd :done.
Processing hls_rmsuidfrmrcmds : failed.
...
etc.

To create a file use redirection:

aixpert -c -p > /path/to/reportfile

Additionally, a verbose report (non-XML!) is created: /etc/security/aixpert/ check_report.txt

XML user friendly? Well, the opinions are divided, I assume.

Anyway, you can display the Document Type Description with

aixpert -d
0

Featured Post

Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes a user will call me frantically, explaining that something has gone wrong and they have tried everything (read - they have messed it up more and now need someone to clean up) and it still does no good, can I help them?!  Usually the standa…
In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question