Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

AIX Security Assessment.

Status
Not open for further replies.
tabwall

tabwall

Technical User
Oct 6, 2005
1
SA
I have 80 points as typed below to be assessed whether they are compliance with our Policy in AIX platform,,,,
Can ne body help me out so that I can mail him the file directly ....
Please help me out as my management wants it done very urgently...
Hope there is somebody to help me out...
One of those points is as follows,,

Delete or change ownership of all files owned by the deactivated users. Orphan files, which remain after users are removed, take up file system space, which may be required for application resources. The system administrator must find and backup all files owned by the user, then remove them and the user's home directory. When necessary change ownership of files to allow another user to retain critical files.

*********Now on this point I have to check in AIX whther the system is compliance to the given point.
 
Sort by date Sort by votes
Before deleting the user do something like
Code: 
# identify all files owned by <uname>
find / -type f -owner <uname> > /tmp/<uname>.clearout 
# back them up to a tar file
tar -cvf /tmp/<uname>.backup.tar $(cat /tmp/<uid>.clearout)
#delete them
rm -f $(cat /tmp/<uname>.clearout)
#delete users home directory
rm -fr ~<uname>
#delete the user
rmuser <uname>

This may leave some empty directories owned by the user but..
Code: 
find / -owner <uname> -type d -exec rm -fr {} \;
might delete files owend by other users in directories owned by the user to be deleted - not neccessarily what you want!

I'm sure someone who's better at scripting could find a way to avoid the rather ugly
Code: 
$(cat /tmp/<uid>.clearout)
probably by using something like xargs

Columb Healy
 
Upvote 0 Downvote
Look on for an AIX benchmark tool that will contain a PDF explaining how to secure an AIX server. The 9 items you want help with should be in the document.

Another option is to look for the UNOX STIG from DISA that will also contain the solutions to your questions.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

A
  • Locked
  • Question
Adding Existing LUN to New LPAR AIX
Replies
0
Views
394
Alvinghost
A
E
  • Locked
  • Question
AIX Power5 on 5.3- On varyonvg error "cannot be varied on because no good copies of the descriptor area"
Replies
1
Views
465
JenLM
J
jkc2023
  • Locked
  • Question
AIX TL and SP upgrade
Replies
0
Views
483
jkc2023
jkc2023
HariharanER
  • Locked
  • Question
Current versions are used in AIX
Replies
0
Views
337
HariharanER
HariharanER
sheilar32
  • Locked
  • Question
Migrating from AIX to anything else
Replies
0
Views
357
sheilar32
sheilar32

Part and Inventory Search

Sponsor

Back
Top