aix version 7...ntp.keys file 221 objects file 222

AIX Version 7.1

Files Reference

IBM

Note

Before using this information and the product it supports, read the information in “Notices” on page1147 .

This edition applies to AIX Version 7.1 and to all subsequent releases and modifications until otherwise indicated in neweditions.© Copyright International Business Machines Corporation 2010, 2016.US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract withIBM Corp.

Contents

About this document.............................................................................................xiHighlighting..................................................................................................................................................xiCase sensitivity in AIX................................................................................................................................. xiISO 9000......................................................................................................................................................xi

Files Reference......................................................................................................1What's new................................................................................................................................................... 1System Files................................................................................................................................................. 1

access_lists File......................................................................................................................................3acct.cfg File.............................................................................................................................................4admin File............................................................................................................................................... 5aliases File for Mail................................................................................................................................. 7audit File for BNU................................................................................................................................... 8/etc/security/authorizations File............................................................................................................9autosecrets File.................................................................................................................................... 10backup File........................................................................................................................................... 11bincmds File......................................................................................................................................... 14BOOTP Relay Agent Configuration File................................................................................................15bootparams File for NFS...................................................................................................................... 17ca.cfg File..............................................................................................................................................18cdromd.conf File Format......................................................................................................................19ClientHostName.info File..................................................................................................................... 20clsnmp.conf File................................................................................................................................... 22Command (C.*) Files for BNU...............................................................................................................25compver File......................................................................................................................................... 27config File............................................................................................................................................. 28consdef File.......................................................................................................................................... 34copyright File........................................................................................................................................ 35ct_class_ids File................................................................................................................................... 35ct_cssk.kf File....................................................................................................................................... 36ct_has.pkf File...................................................................................................................................... 36ct_has.qkf File...................................................................................................................................... 38ct_has.thl File....................................................................................................................................... 40ctfile.cfg File......................................................................................................................................... 42ctgroups File......................................................................................................................................... 44ctcas_hba2.map File............................................................................................................................ 44ctcasd.cfg File.......................................................................................................................................45ctrmc.acls File...................................................................................................................................... 48ctrmc.rio File.........................................................................................................................................49ctsec.cfg File.........................................................................................................................................49ctsec_map.global File.......................................................................................................................... 50ctsec_map.local File............................................................................................................................ 54Data (D.*) Files for BNU........................................................................................................................58/dev/hty File..........................................................................................................................................59/dev/rhp File......................................................................................................................................... 60DHCP Client Configuration File............................................................................................................ 60DHCP Server Configuration File........................................................................................................... 64depend File........................................................................................................................................... 76devexports File..................................................................................................................................... 77dir File................................................................................................................................................... 77

iii

/etc/security/domains File...................................................................................................................78/etc/security/domobjs File...................................................................................................................80dpid2.conf File......................................................................................................................................82dsinfo File............................................................................................................................................. 82dumpdates File.....................................................................................................................................86e789_ctbl File for HCON...................................................................................................................... 87e789_ktbl File for HCON...................................................................................................................... 87eimadmin.conf File .............................................................................................................................. 88environ File........................................................................................................................................... 90environment File...................................................................................................................................91errors File for BNU................................................................................................................................97ethers File for NIS................................................................................................................................ 98events File............................................................................................................................................ 98Execute (X.*) Files for BNU................................................................................................................ 100exports File for NFS............................................................................................................................103.fig File................................................................................................................................................ 110filesystems File.................................................................................................................................. 110Foreign File for BNU........................................................................................................................... 113.forward File....................................................................................................................................... 114ftpaccess.ctl File................................................................................................................................ 115/etc/group File ................................................................................................................................... 116/etc/security/group File..................................................................................................................... 119Workload Manager groupings File..................................................................................................... 122hostmibd.conf File............................................................................................................................. 123image.data File...................................................................................................................................124/etc/security/.ids File......................................................................................................................... 129INed Files........................................................................................................................................... 130.info File.............................................................................................................................................. 131inittab File...........................................................................................................................................133isns_servers File.................................................................................................................................136irs.conf File......................................................................................................................................... 137ispaths File......................................................................................................................................... 142isprime File.........................................................................................................................................144.kshrc File........................................................................................................................................... 145lapi_subroutines Information............................................................................................................ 147ldapid.ldif.template File .................................................................................................................... 149limits File ........................................................................................................................................... 150local_domain File............................................................................................................................... 153login.cfg File....................................................................................................................................... 153lpacl Information................................................................................................................................159.maildelivery File for MH.................................................................................................................... 167/usr/lib/security/methods.cfg File.....................................................................................................170mhl.format File...................................................................................................................................174.mh_profile File.................................................................................................................................. 176mibII.my File...................................................................................................................................... 181mkuser.default File............................................................................................................................ 183mtstailor File for MH.......................................................................................................................... 184mrouted.conf File...............................................................................................................................185netgroup File for NIS..........................................................................................................................187netmasks File for NIS.........................................................................................................................189netmon.cf File.................................................................................................................................... 189netsvc.conf File.................................................................................................................................. 190networks File for NFS.........................................................................................................................192NLSvec File......................................................................................................................................... 193/etc/nscontrol.conf File......................................................................................................................195ntp.conf File........................................................................................................................................198ntp.conf4 File..................................................................................................................................... 208Network Time Protocol (NTP)............................................................................................................ 221

iv

ntp.keys File....................................................................................................................................... 221objects File......................................................................................................................................... 222pam_aix Module................................................................................................................................. 224pam_allow Module.............................................................................................................................226pam_allowroot Module...................................................................................................................... 227pam_ckfile Module.............................................................................................................................228pam_mkuserhome Module................................................................................................................229pam_permission Module................................................................................................................... 230pam_prohibit Module.........................................................................................................................231pam_rhosts_auth Module..................................................................................................................232pam.conf File......................................................................................................................................234/etc/passwd File.................................................................................................................................236passwd_policy File.............................................................................................................................238/etc/security/passwd File.................................................................................................................. 239pcnfsd.conf Configuration File...........................................................................................................241pkginfo File......................................................................................................................................... 244pkgmap File........................................................................................................................................ 247policy.cfg File..................................................................................................................................... 250portlog File......................................................................................................................................... 251/etc/security/privcmds File................................................................................................................252/etc/security/privdevs File.................................................................................................................255/etc/security/privfiles File..................................................................................................................257/proc File............................................................................................................................................ 258proxy.ldif.template File......................................................................................................................275prtglobalconfig File............................................................................................................................ 276pwdhist File........................................................................................................................................ 277publickey File for NIS.........................................................................................................................278/etc/security/pwdalg.cfg File.............................................................................................................278qconfig File ........................................................................................................................................ 280raspertune File................................................................................................................................... 283rc.boot File..........................................................................................................................................284rc.tcpip File for TCP/IP.......................................................................................................................285realm.map File................................................................................................................................... 286remote.unknown File for BNU........................................................................................................... 286resource_data_input Information..................................................................................................... 287rmccli Information............................................................................................................................. 289rndc.conf File......................................................................................................................................293roles File............................................................................................................................................. 295rpc File for NFS...................................................................................................................................298sectoldif.cfg Configuration File.......................................................................................................... 299security_default File...........................................................................................................................300sendmail.cf File.................................................................................................................................. 300setinfo File..........................................................................................................................................350setup.csh File..................................................................................................................................... 351setup.sh File....................................................................................................................................... 352slp.conf File........................................................................................................................................ 353smbctune.conf File.............................................................................................................................355smi.my File......................................................................................................................................... 356smitacl.group File...............................................................................................................................356smitacl.user File................................................................................................................................. 358snmpd.conf File..................................................................................................................................360snmpd.boots File................................................................................................................................369snmpdv3.conf File..............................................................................................................................370snmpmibd.conf File........................................................................................................................... 383socks5c.conf File................................................................................................................................384space File............................................................................................................................................385.srf File................................................................................................................................................386streamcmds File.................................................................................................................................386

v

sysck.cfg File...................................................................................................................................... 387syslog.conf File...................................................................................................................................389targets File..........................................................................................................................................391Temporary (TM.*) Files for BNU........................................................................................................ 393Workload Manager .times File........................................................................................................... 393unix.map File...................................................................................................................................... 395updaters File for NIS.......................................................................................................................... 396user File.............................................................................................................................................. 397user.roles File.....................................................................................................................................408vfs File................................................................................................................................................ 410Workload Manager classes File......................................................................................................... 411Workload Manager limits File............................................................................................................ 413Workload Manager rules File............................................................................................................. 416Workload Manager shares File.......................................................................................................... 420xferstats File for BNU.........................................................................................................................421xtab File for NFS.................................................................................................................................422

File Formats............................................................................................................................................. 423.3270keys File Format for TCP/IP..................................................................................................... 426acct File Format..................................................................................................................................428ar File Format (Big).............................................................................................................................429ar File Format (Small).........................................................................................................................431ate.def File Format............................................................................................................................. 433audit File Format................................................................................................................................ 439bootptab File Format......................................................................................................................... 441cgaparams.sec File Format for TCP/IP..............................................................................................442Character Set Description (charmap) Source File Format................................................................ 443core File Format................................................................................................................................. 450cpio File Format..................................................................................................................................452cronlog.conf File.................................................................................................................................454Devices File Format for BNU..............................................................................................................455Dialcodes File Format for BNU...........................................................................................................460Dialers File Format for BNU............................................................................................................... 461Dialing Directory File Format for ATE................................................................................................ 465DOMAIN Cache File Format for TCP/IP............................................................................................. 467DOMAIN Data File Format for TCP/IP................................................................................................468DOMAIN Local Data File Format for TCP/IP...................................................................................... 471DOMAIN Reverse Data File Format for TCP/IP................................................................................. 473eqnchar File Format........................................................................................................................... 475/etc/ftpd.cnf File Format for TCP/IP..................................................................................................476/etc/security/rtc/rtcd.conf file format for real-time compliance......................................................478/etc/security/rtc/rtcd_policy.conf file format for real-time compliance..........................................479/etc/ftpd.cnf File Format for TCP/IP..................................................................................................480/etc/tnc_config File ........................................................................................................................... 482.ftpcnf File Format for TCP/IP............................................................................................................ 482ftpusers File Format for TCP/IP......................................................................................................... 483gated.conf File Format for TCP/IP..................................................................................................... 484gateways File Format for TCP/IP....................................................................................................... 529hosts File Format for TCP/IP..............................................................................................................531hosts.equiv File Format for TCP/IP....................................................................................................533hosts.lpd File Format for TCP/IP....................................................................................................... 536hty_config File Format....................................................................................................................... 538inetd.conf File Format for TCP/IP...................................................................................................... 538lastlog File Format..............................................................................................................................541ldap.cfg File Format........................................................................................................................... 542LDAP Attribute Mapping File Format................................................................................................. 549Locale Definition Source File Format.................................................................................................551LC_COLLATE Category for the Locale Definition Source File Format............................................... 553LC_CTYPE Category for the Locale Definition Source File Format....................................................556

vi

LC_MESSAGES Category for the Locale Definition Source File Format............................................559LC_MONETARY Category for the Locale Definition Source File Format...........................................561LC_NUMERIC Category for the Locale Definition Source File Format..............................................567LC_TIME Category for the Locale Definition Source File Format......................................................568Locale Method Source File Format.................................................................................................... 574magic File Format ..............................................................................................................................579.mailrc File Format............................................................................................................................. 580map3270 File Format for TCP/IP.......................................................................................................584Maxuuscheds File Format for BNU.................................................................................................... 589Maxuuxqts File Format for BNU.........................................................................................................590.mh_alias File Format.........................................................................................................................590mib.defs File Format.......................................................................................................................... 593named.conf File Format for TCP/IP................................................................................................... 595ndpdh.cnf File Format for TCP/IP...................................................................................................... 646netcd.conf File Format for netcd....................................................................................................... 646.netrc File Format for TCP/IP............................................................................................................. 650networks File Format for TCP/IP....................................................................................................... 651nroff or troff Input File Format...........................................................................................................652nterm File Format ..............................................................................................................................653Permissions File Format for BNU.......................................................................................................656phones File Format for tip..................................................................................................................665Poll File Format for BNU.....................................................................................................................666profile File Format..............................................................................................................................667protocols File Format for TCP/IP....................................................................................................... 668queuedefs File Format ...................................................................................................................... 669rc.net File Format for TCP/IP............................................................................................................. 671rc.ntx File Format............................................................................................................................... 674remote File Format for tip.................................................................................................................. 675resolv.conf File Format for TCP/IP.....................................................................................................678resolv.ldap File Format for TCP/IP.....................................................................................................680rfc1108 table .....................................................................................................................................681.rhosts File Format for TCP/IP........................................................................................................... 683sccsfile File Format............................................................................................................................ 684sendh_anchor File Format for TCP/IP............................................................................................... 689sendr_anchor File Format for TCP/IP................................................................................................ 690services File Format for TCP/IP......................................................................................................... 690setmaps File Format.......................................................................................................................... 691simprof File Format............................................................................................................................694Standard Resource Record Format for TCP/IP................................................................................. 695Sysfiles File Format for BNU.............................................................................................................. 704Systems File Format for BNU.............................................................................................................706telnet.conf File Format for TCP/IP.....................................................................................................712tempaddr.conf File Format for TCP/IP.............................................................................................. 713tepolicies.dat File Format.................................................................................................................. 714terminfo Directory.............................................................................................................................. 715.tiprc File Format for tip..................................................................................................................... 772trcfmt File Format.............................................................................................................................. 773troff File Format................................................................................................................................. 779troff Font File Format......................................................................................................................... 782tunables File Format.......................................................................................................................... 785uconvdef Source File Format............................................................................................................. 788UIL File Format...................................................................................................................................790utmp, wtmp, failedlogin File Format................................................................................................. 810vgrindefs File Format......................................................................................................................... 811WML File Format................................................................................................................................ 813XCOFF Object File Format..................................................................................................................819

Special Files............................................................................................................................................. 8893270cn Special File............................................................................................................................890

vii

bus Special File.................................................................................................................................. 898cd Special File.................................................................................................................................... 898console Special File............................................................................................................................900dials Special File.................................................................................................................................903dump Special File...............................................................................................................................905entn Special File.................................................................................................................................905Error Logging Special Files.................................................................................................................907fd Special File..................................................................................................................................... 907fddin Special File................................................................................................................................910GIO Special File..................................................................................................................................912ide Special File................................................................................................................................... 913kbd Special File.................................................................................................................................. 914lft Special File.....................................................................................................................................915lp Special File..................................................................................................................................... 917lpfk Special File.................................................................................................................................. 920lvdd Special File................................................................................................................................. 922mem or kmem Special File................................................................................................................ 928mouse Special File............................................................................................................................. 931mpcn Special File............................................................................................................................... 932mpqi Special File................................................................................................................................ 935mpqn Special File...............................................................................................................................936mstor Special File...............................................................................................................................938null Special File.................................................................................................................................. 940nvram Special File.............................................................................................................................. 941random and urandom Devices...........................................................................................................942omd Special File................................................................................................................................. 943opn Special File.................................................................................................................................. 946ops0 Special File................................................................................................................................ 946pty Special File................................................................................................................................... 948rcm Special File.................................................................................................................................. 951rhdisk Special File.............................................................................................................................. 951rmt Special File...................................................................................................................................953scsi Special File.................................................................................................................................. 957secvars.cfg File...................................................................................................................................958tablet Special File...............................................................................................................................960tap Special File................................................................................................................................... 962tmscsi Special File..............................................................................................................................963tokn Special File................................................................................................................................. 964trace Special File................................................................................................................................966tty Special File.................................................................................................................................... 966urandom and random Devices...........................................................................................................967usb0 Special File................................................................................................................................ 968usbhc Special File.............................................................................................................................. 969usblibdev Special File........................................................................................................................ 969usbms Special File............................................................................................................................. 969vty_server Special File....................................................................................................................... 970

Header Files.............................................................................................................................................972List of Major Control Block Header Files........................................................................................... 973ct_ffdc.h File.......................................................................................................................................975dirent.h File........................................................................................................................................ 977dlfcn.h File..........................................................................................................................................978eucioctl.h File..................................................................................................................................... 979fcntl.h File...........................................................................................................................................979filsys.h File .........................................................................................................................................982flock.h File.......................................................................................................................................... 985fullstat.h File.......................................................................................................................................988grp.h File.............................................................................................................................................989iconv.h File..........................................................................................................................................989

viii

inode.h File......................................................................................................................................... 990inttypes.h File.....................................................................................................................................993ipc.h File............................................................................................................................................. 993iso646.h File.......................................................................................................................................994ldr.h File..............................................................................................................................................995limits.h File......................................................................................................................................... 997libperfstat.h File................................................................................................................................. 999math.h File....................................................................................................................................... 1043mode.h File.......................................................................................................................................1045msg.h File......................................................................................................................................... 1047mtio.h File........................................................................................................................................ 1049param.h File..................................................................................................................................... 1049pmapi.h File......................................................................................................................................1050poll.h File..........................................................................................................................................1056pthread.h File................................................................................................................................... 1057pwd.h File.........................................................................................................................................1059pwdpolicy.h File............................................................................................................................... 1059sem.h File......................................................................................................................................... 1061sgtty.h File........................................................................................................................................1064shm.h File.........................................................................................................................................1070spc.h File.......................................................................................................................................... 1072srcobj.h File......................................................................................................................................1075stat.h File..........................................................................................................................................1077statfs.h File.......................................................................................................................................1080statvfs.h File.....................................................................................................................................1082systemcfg.h File............................................................................................................................... 1083tar.h File .......................................................................................................................................... 1085termio.h File..................................................................................................................................... 1089termios.h File................................................................................................................................... 1098termiox.h File................................................................................................................................... 1109threads.h File................................................................................................................................... 1111trace.h File....................................................................................................................................... 1113types.h File.......................................................................................................................................1116uchar.h File.......................................................................................................................................1118unistd.h File......................................................................................................................................1118utmp.h File....................................................................................................................................... 1119values.h File..................................................................................................................................... 1121vmount.h File................................................................................................................................... 1122wctype.h File.................................................................................................................................... 1124wlm.h File.........................................................................................................................................1125

Directories............................................................................................................................................. 1134/etc/locks Directory......................................................................................................................... 1136/usr/lib/hcon Directory.................................................................................................................... 1137/var/spool/mqueue Directory for Mail.............................................................................................1138/var/spool/uucp Directory for BNU..................................................................................................1139/var/spool/uucp/.Admin Directory for BNU.................................................................................... 1140/var/spool/uucp/.Corrupt Directory for BNU...................................................................................1140/var/spool/uucp/.Log Directories for BNU...................................................................................... 1141/var/spool/uucp/.Old Directory for BNU......................................................................................... 1142/var/spool/uucp/.Status Directory for BNU.....................................................................................1142/var/spool/uucp/SystemName Directories for BNU....................................................................... 1143/var/spool/uucp/.Workspace Directory for BNU.............................................................................1143/var/spool/uucp/.Xqtdir Directory for BNU..................................................................................... 1144/var/spool/uucppublic Directory for BNU....................................................................................... 1144

Notices............................................................................................................1147Privacy policy considerations................................................................................................................1148

ix

Trademarks............................................................................................................................................1149

Index.............................................................................................................. 1151

x

About this document

This topic collection contains sections on the system files, special files, header files, and directories thatare provided with the operating system and optional program products. File formats required for certainfiles that are generated by the system or by an optional program are also presented in this topiccollection.

HighlightingThe following highlighting conventions are used in this document:

Bold Identifies commands, subroutines, keywords, files, structures, directories, and otheritems whose names are predefined by the system. Bold highlighting also identifiesgraphical objects, such as buttons, labels, and icons that the you select.

Italics Identifies parameters for actual names or values that you supply.

Monospace Identifies examples of specific data values, examples of text similar to what youmight see displayed, examples of portions of program code similar to what you mightwrite as a programmer, messages from the system, or text that you must type.

Case sensitivity in AIXEverything in the AIX® operating system is case sensitive, which means that it distinguishes betweenuppercase and lowercase letters. For example, you can use the ls command to list files. If you type LS,the system responds that the command is not found. Likewise, FILEA, FiLea, and filea are threedistinct file names, even if they reside in the same directory. To avoid causing undesirable actions to beperformed, always ensure that you use the correct case.

ISO 9000ISO 9000 registered quality systems were used in the development and manufacturing of this product.

© Copyright IBM Corp. 2010, 2016 xi

xii AIX Version 7.1: Files Reference

Files ReferenceThis topic collection contains sections on the system files, special files, header files, and directories thatare provided with the operating system and optional program products. File formats required for certainfiles that are generated by the system or by an optional program are also presented in this topiccollection.

The AIX operating system is designed to support The Open Group's Single UNIX Specification Version 3(UNIX 03) for portability of operating systems based on the UNIX operating system. Many new interfaces,and some current ones, have been added or enhanced to meet this specification. To determine thecorrect way to develop a UNIX 03 portable application, see The Open Group's UNIX 03 specification onThe UNIX System website (http://www.unix.org).

What's new in Files ReferenceRead about new or significantly changed information for the File Reference topic collection.

How to see what's new or changed

In this PDF file, you might see revision tags (>| and |

commands and subroutines to perform operations. These files can only be changed by a user with rootauthority.

A file is a collection of data that can be read from or written to. A file can be a program you create, textyou write, data you acquire, or a device you use. Commands, printers, terminals, and applicationprograms are all stored in files. This allows users to access diverse elements of the system in a uniformway and gives the operating system great flexibility. No format is implied when a file is created.

Files are used for all input and output (I/O) of information in this operating system. This standardizesaccess to both software and hardware. Input occurs when the content of a file is modified or written to.Output occurs when the content of one file is read or transferred to another file. For example, to create ahardcopy printout of a text file, the system reads the information from the text file and writes the data tothe file representing the printer.

Collections of files are stored in directories. These collections of files are often related to each other, andstoring them in a structure of directories keeps them organized.

There are many ways to create, use, and manipulate files. Files in Operating system and devicemanagement introduces the commands that control files.

Types of Files

There are three basic types of files:

File Type Description

regular Stores data (text, binary, and executable).

directory Contains information used to access other files.

special Defines a FIFO (first-in, first-out) file or a physical device.

All file types recognized by the system fall into one of these categories. However, the operating systemuses many variations of these basic types.

Regular files are the most common. When a word processing program is used to create a document, boththe program and the document are contained in regular files.

Regular files contain either text or binary information. Text files are readable by the user. Binary files arereadable by the computer. Binary files can be executable files that instruct the system to accomplish ajob. Commands, shell scripts, and other programs are stored in executable files.

Directories contain information the system needs to access all types of files, but they do not contain theactual file data. As a result, directories occupy less space than a regular file and give the file-systemstructure flexibility and depth. Each directory entry represents either a file or subdirectory and containsthe name of a file and the file's i-node (index node reference) number. The i-node number represents theunique i-node that describes the location of the data associated with the file. Directories are created andcontrolled by a separate set of commands.

Special files define devices for the system or temporary files created by processes. There are three basictypes of special files: FIFO (first-in, first-out), block, and character. FIFO files are also called pipes. Pipesare created by one process to temporarily allow communication with another process. These files ceaseto exist when the first process finishes. Block and character files define devices.

Every file has a set of permissions (called access modes) that determine who can read, modify, or executethe file. To learn more about file access modes, see File ownership and user groups in Operating systemand device management.

File-Naming Conventions

The name of each file must be unique within the directory where it is stored. This insures that the file alsohas a unique path name in the file system. File-naming guidelines are:

• A file name can be up to 255 characters long and can contain letters, numbers, and underscores.

2 AIX Version 7.1: Files Reference

• The operating system is case-sensitive which means it distinguishes between uppercase and lowercaseletters in file names. Therefore, FILEA, FiLea, and filea are three distinct file names, even if theyreside in the same directory.

• File names should be as descriptive as possible.• Directories follow the same naming conventions as files.• Certain characters have special meaning to the operating system, and should be avoided when namingfiles. These characters include the following:

/ \ " ' * ; - ? [ ] ( ) ~ ! $ { } < > # @ & |

• A file name is hidden from a normal directory listing if it begins with a . (dot). When the ls command isentered with the -a flag, the hidden files are listed along with regular files and directories.

The path name of a file consists of the name of every directory that precedes it in the file tree structure.Only the final component of a path name can contain the name of a regular file. All other components in apath name must be directories. Path names can be absolute or relative. See File path names in Operatingsystem and device management to learn more about the complete name of a file within the file system.

Related informationFilesFiles, Directories, and File Systems for Programmers

access_lists File

Purpose

Configures access control lists for the iSCSI target driver.

Description

The access_lists file is used to configure access control lists for the iSCSI target driver. You can usecomments in the access_lists file. The comment character is "#", and must be the first character onthe line.

This file contains one entry per target. Each entry has the following format:

target_name|lun_name iSCSI_name,iSCSI_name,...

target_nameThe target ODM name on which access control is applied.

lun_nameThe logical unit number (LUN) ODM name on which access control is applied.

iSCSI_nameThe list of iSCSI names (iqn or eui format) of initiators that can access this target or LUN.

You can use two default keywords in this file:all

Used for the target_name or lun_name field. It indicates that the Access Control List is the same forall targets and LUNs on the server. An entry containing all overrides other entries.

anyUsed for the iSCSI_name field. It indicates that one target or LUN is visible by any initiator connectingto the server.

You can use the line continuation character backslash ( \ ) to make each entry easier to read.

Files Reference 3

Attention: If an access list grants an initiator the access to a LUN, the access list must alsoexplicitly grant the access to the target that owns the LUN.

Files

Item Description

/etc/tmiscsi/access_lists

Configures Access Control Lists.

acct.cfg File

Purpose

The acct.cfg file consists of CA stanzas and LDAP stanzas. The CA stanzas contain private CA informationnot suitable for the publicly readable ca.cfg file. LDAP stanzas contain LDAP information such as LDAPadministrative names and passwords.

Description

For every CA stanza in the ca.cfg file, the acct.cfg file should contain an equivalently named CA stanza,and all CA stanzas must be uniquely named. On the other hand, all LDAP stanzas are named ldap. For thisreason, a CA stanza cannot be named ldap. Also, no stanza can be named default. An LDAP stanza mustexist and at least one CA stanza, named local must exist.

Examples

******************************************************************************** CA Stanzas:*

* carefnum Specifies the CA's reference number used while communicating* with the CA through CMP. This value must be the same value as* the one that is specified while configuring the CA. (Required)** capasswd Specifies the CA's password used while commuinicating with* the CA. The length of the password must be at least 12* characters long. This value must be the same value as the one* that is specified while configuring the CA.(Required)** rvrefnum Specifies the revocation reference number used for revoking* a certificate** rvpasswd Specifies the revocation password used for CMP. The length of* the password must be at least 12 character long.** keylabel Defines the name of the key label in the trusted keystore.* (Required)** keypasswd Defines the password of the trusted keystore. (Required)*

* ldap Stanzas:** ldappkiadmin Specifies the PKI LDAP administrator account name.** ldappkiadmpwd Specifies the PKI LDAP administrator account password.** ldapservers Specifies the LDAP server machine name or IP address.** ldapsuffix Specifies the LDAP DN suffix for the root of the LDAP branch* where the PKI data resides.*


local: carefnum = 12345678 capasswd = password1234 rvrefnum = 9999997 rvpasswd = password keylabel = "Trusted Key" keypasswd = somepassword

ldap: ldappkiadmin = "cn=admin" ldappkiadmpwd = password ldapservers = myserver.mydomain.com ldapsuffix = "ou=cert,cn=aixsecdb"

File

/usr/lib/security/pki/acct.cfg

Related referenceca.cfg Filepolicy.cfg FileRelated informationcertcreate commandcertrevoke command

admin File

Purpose

Describes the format of an installation defaults file.

Description

admin is a generic name for an ASCII file that defines default installation actions by assigning values toinstallation parameters. For example, it allows administrators to define how to proceed when the packagebeing installed already exists on the system.

/var/sadm/install/admin/default is the default admin file delivered with your system. The default file isnot writable, so to assign values different from this file, create a new admin file. There are no namingrestrictions for admin files. Name the file when installing a package with the -a flag of the pkgaddcommand. If the -a flag is not used, the default admin file is used.

Each entry in the admin file is a line that establishes the value of a parameter in the following form:

param=value

Eleven parameters can be defined in an admin file. A file is not required to assign values to all elevenparameters. If a value is not assigned, pkgadd asks the installer how to proceed.

The eleven parameters and their possible values are shown below except as noted. They may be specifiedin any order. Any of these parameters can be assigned the value ask, which means that, if the situationoccurs, the installer is notified and asked to supply instructions at that time.

Parameter Description

basedir Indicates the base directory where relocatable packages are to be installed. The valuemay contain $PKGINST to indicate a base directory that is to be a function of the packageinstance.

Files Reference 5


mail Defines a list of users to whom mail should be sent following installation of a package. Ifthe list is empty or if the parameter is not present in the admin file, the default value ofroot is used. The ask value cannot be used with this parameter.

runlevel Indicates resolution if the run level (system state) is not correct for the installation orremoval of a package. Options are:nocheck

Do not check for run level (system state).quit

Abort installation if run level (system state) is not met.

conflict Specifies what to do if an installation expects to overwrite a previously installed file, thuscreating a conflict between packages. Options are:nocheck

Do not check for conflict; files in conflict are overwritten.quit

Abort installation if conflict is detected.nochange

Override installation of conflicting files; conflicting files are not installed.

setuid Checks for executables that have setuid or setgid bits enabled after installation. Optionsare:nocheck

Do not check for setuid executables.quit

Abort installation if setuid processes are detected.nochange

Override installation of setuid processes; processes are installed without setuid bitsenabled.

action Determines if action scripts provided by package developers contain possible securityimpact. Options are:nocheck

Ignore security impact of action scripts.quit

Abort installation if action scripts may have a negative security impact.

partial Checks to see if a version of the package is already partially installed on the system.Options are:nocheck

Do not check for a partially installed package.quit

Abort installation if a partially installed package exists.

idepend Controls resolution if other packages depend on the one to be installed. Options are:nocheck

Do not check package dependencies.quit

Abort installation if package dependencies are not met.



rdepend Controls resolution if other packages depend on the one to be removed. Options are:nocheck

Do not check package dependencies.quit

Abort removal if package dependencies are not met.

space Controls resolution if disk space requirements for package are not met. Options are:nocheck

Do not check space requirements (installation fails if it runs out of space).quit

Abort installation if space requirements are not met.

The value ask cannot be defined in an admin file that is used for non-interactive installation (since bydefinition, there is no installer interaction). Doing so causes installation to fail when input is needed.

Related referencedepend Filepkginfo FileRelated informationpkgadd command

aliases File for Mail

Purpose

Contains alias definitions for the sendmail command.

Description

The /etc/mail/aliases file contains the required aliases for the sendmail command. Do not change thesedefaults, as they are required by the system. The file is formatted as a series of lines in the form:

name: name_1, name_2, name_3,...

The name: is the name of the alias, and the name_n are the aliases for that name. Lines beginning withwhite space are continuation lines. Lines beginning with a # (pound sign) are comments.

Aliasing occurs only on local names. System-wide aliases are used to redirect mail. For example, if youreceive mail at three different systems, you can use the /etc/mail/aliases file to redirect your mail to oneof the systems. As an individual user, you can also specify aliases in your .mailrc file.

Aliases can be defined to send mail to a distribution list. For example, you can send mail to all of themembers of a project by sending mail to a single name.

The sender of a message is not included when the sendmail command expands an alias address. Forexample, if amy sends a message to alias D998 and she is defined as a member of that alias, thesendmail command does not send a copy of the message to amy.

The /etc/mail/aliases file is a raw data file. The sendmail command uses a database version of this file.You must build a new alias database by running the sendmail -bi command or the newaliases commandbefore any changes made to the /etc/mail/aliases file become effective.

As long as you do not rebuild the aliases database, sendmail will continue to read it in its old DBMformat. This consists of two files: /etc/mail/aliases.dir and /etc/mail/aliases.pag. However, the

Files Reference 7

moment you rebuild the aliases database, sendmail will change this format to Berkeley DB. This file willbe stored in /etc/mail/aliases.db.

Note: Upper case characters on the left hand side of the alias are converted to lowercase before beingstored in the aliases database. In the following example, mail sent to the testalias user alias fails,since TEST is converted to test when the second line is stored.

TEST: user@machinetestalias: TEST

To preserve uppercase in user names and alias names, add the u flag to the local mailer description inthe /etc/mail/sendmail.cf file. Thus, in the example above, mail to the testalias user alias wouldsucceed.

Files

Item Description

/etc/mail/aliases Contains systemwide aliases.

/etc/mail/aliasesDB directory Contains the binary files created by the newaliasescommand, including the DB.dir and DB.pag files.

/etc/mail/aliases.db Contains the binary file storing the aliases database inBerkeley DB format, created by the newaliases command

Related reference.mailrc File FormatRelated informationnewaliases commandsendmail commandAlias database building

audit File for BNU

Purpose

Contains debug messages from the uucico daemon.

Description

The /var/spool/uucp/.Admin/audit file contains debug messages from the uucico daemon when it isinvoked as a result of a call from another system. If the uucico daemon is invoked from the local system,the debug messages are sent to either the /var/spool/uucp/.Admin/errors file or to standard output.

Files

Item Description

/var/spool/uucp/.Admin/audit Specifies the path of the audit file.

/var/spool/uucp/.Admin/errors Contains a record of uucico daemon errors.

Related informationuudemon.cleanu command


cron commandBNU log filesBNU File and Directory Structure

/etc/security/authorizations File

Purpose

Contains the list of valid, user-defined authorizations.

Description

The /etc/security/authorizations file stores the list of valid, user-defined authorizations available on asystem. An authorization administrator can modify user-defined authorizations. System-definedauthorizations do not appear in this file. You can add new authorizations to this file using the mkauthcommand and modify authorizations using the chauth command.

The /etc/security/authorizations file is an ASCII file that uses a stanza for each user-definedauthorization. Each stanza is identified by the authorization name followed by a colon (:). You can listauthorization attributes individually as Attribute=Value pairs on subsequent lines. Each attribute pair endswith a newline character, as does each stanza. For an example of a stanza, see “Examples” on page 10.

When the system is operating in Enhanced RBAC Mode, changes that you make to the authorizations filedo not impact security considerations until you send the entire authorization database to the KernelSecurity Tables using the setkst command, or until the system is rebooted.

Modifying and listing entries in the authorizations file

Do not directly edit the /etc/security/authorizations file. Use the following commands and subroutinesto manipulate the authorization database:mkauth

Adds new authorizations to the /etc/security/authorizations file.chauth

Changes user-defined authorization attributes.lsauth

Displays authorizations that are defined in this file and system-defined authorizations.rmauth

Removes entries from this file.

To write programs that affect entries in the /etc/security/authorizations file, use one or more of thefollowing subroutines:

• getauthattr• getauthattrs• putauthattr• putauthattrs

Attributes

A stanza in this file contains one or more of the following attributes:

Files Reference 9

Attribute Description

id Specifies the unique numeric ID of the authorization. This is a required attributeand is used internally for security decisions. Do not modify this ID after creatingthe authorization. The value is a unique decimal integer greater than 10000.Values below 10000 are reserved for system-defined authorizations.

dfltmsg Specifies the default authorization-description text if message catalogs are notin use. The value is a character string.

msgcat Specifies the file name of the message catalog that contains the one-linedescription of the authorization. The value is a character string.

msgset Specifies the message set that contains the authorization description in themessage catalog. The value is a decimal integer.

msgnum Specifies the message ID that contains the authorization description in themessage catalog. The value is a decimal integer.

Security

The root user and the security group own this file. This files grants read and write access to the root user.Access for other users and groups depends on the security policy for the system.

Examples

The following example for the custom authorization displays a typical stanza in the file:

custom: id = 11000 dfltmsg = "Custom Authorization" msgcat = "custom_auths.cat" msgset = 1 msgnum = 5

Related reference/etc/nscontrol.conf FileRelated informationgetauthattr subroutinemkauth commandchauth commandrmauth commandRole Based Access Control (RBAC)

autosecrets File

Purpose

Configures iSCSI target passwords.

Description

The autosecrets file is used to configure iSCSI target passwords. You can use comments in theautosecrets file. The comment character is "#", and must be the first character on the line.


This file contains one entry per target. Each entry has the following format:

target_name chap_name chap_secret

target_nameThe ODM name of the target.

chap_nameThe CHAP name associated with this password. The iSCSI initiator identifies itself by sending thisname to the iSCSI target during the authentication process.

chap_secretThe password, enclosed in double quotation marks.

You can use the line continuation character backslash (\) to make each entry easier to read.

Examples

If the target ODM name is target0, the CHAP name is iqn.com.ibm-K167-42.fc1a, and thechap_name is secret.fc1a, the entry looks like the following example:

target0 iqn.com.ibm-K167-42.fc1a "secret.fc1a"

The following example has the same target, chap_name, and chap_secret, but with a line continuationcharacter.

target0 iqn.com.ibm-K167-42.fc1a \ "secret.fc1a"

Files

Item Description

/etc/tmiscsi/autosecrets

Configures iSCSI target passwords.

backup File

Purpose

Copies the file system onto temporary storage media.

Description

A backup of the file system provides protection against substantial data loss due to accidents or error.The backup command writes file system backups in the backup file format, and conversely, the restorecommand reads file system backups. The backup file contains several different types of header recordsalong with the data in each file that is backed up.

Header Records

The different types of header records for by-name backups are:

Files Reference 11

HeaderRecord

Description

FS_VOLUME Exists on every volume and holds the volume label.

FS_NAME_X Holds a description of a file backed up by name.

FS_END Indicates the end of the backup. This header appears at the end of the last volume.

The different types of header records for by-inode and name backups are:

HeaderRecord

Description

TS_TAPE Exists on every volume and holds the volume label.

TS_BITS Describes the directory structure.

TS_CLRI Describes the unused i-node numbers on the backup system.

TS_INODE Describes the file.

TS_ADDR Indicates a continuation of the preceding file.

TS_END Indicates the end of the backup.

The descriptions of the fields of the header structure for by-inode backups are:

Header Record Description

c_type The header type.

c_date The current dump date.

c_ddate The file system dump date.

c_volume The volume number.

c_tapea The number of the current header record.

c_inumber The i-node number on this record.

c_magic The magic number.

c_checksum The value that would make the record sum to the CHECKSUM value.

bsd_c_dinode A copy of the BSD i-node as it appears on the BSD file system.

c_count The number of characters in the c_addr field.

c_addr A character array that describes the blocks being dumped for the file.

xix_flag Set to the XIX_MAGIC value if doing the backup of a file system.

xix_dinode The real di-node from the file system.

Each volume except the last ends with a tape mark (read as an end of file). The last volume ends with aTS_END record and then the tape mark.

By-Name Format

The format of a by-name backup is:

FS_VOLUME

FS_NAME_X (before each file)

File Data


FS_END

By-Inode Format

The format of a by-inode backup follows:

TS_VOLUME

TS_BITS

TS_CLRI

TS_INODE

TS_END

A detailed description of the by-inode header file follows:

union u_spcl { char dummy[TP_BSIZE]; struct s_spcl { int c_type; /* 4 */ time_t c_date; /* 8 * / time_t c_ddate; /* 12 */ int c_volume; /* 16 */ daddr_t c_tapea; /* 20 */ ino_t c_inumber; /* 24 */ int c_magic; /* 28 */ int c_checksum; /* 32 */ struct bsd_dinode bsd_c_dinode; /* 160 */ int c_count; /* 164 */ char c_addr[TP_NINDIR]; /* 676 */ int xix_flag; /* 680 */ struct dinode xix_dinode; /* 800 */ } s_spcl;} u_spcl;

Constants

Constants used to distinguish these different types of headers and define other variables are:

#define OSF_MAGIC (int)60011#define NFS_MAGIC (int)60012 /* New File System Magic */#define XIX_MAGIC (int)60013 /* Magic number for v3 */#define BYNAME_MAGIC (int)60011 /* 2.x magic number */#define PACKED_MAGIC (int)60012 /* 2.x magic number for */ /* Huffman packed format */#define CHECKSUM (int)84446 /* checksum magic number */#define TP_BSIZE 1024 /* tape block size */#define TP_NINDIR (TP_BSIZE/2) /* num of indirect pointers */ /* in an inode record */#define FS_VOLUME 0 /* denotes a volume header */#define FS_END 7 /* denotes an end of backup */#define FS_NAME_X 10 /* denotes file header */#define SIZSTR 16 /* string size in vol header*/#define DUMNAME 4 /* dummy name length for */ /* FS_NAME_X */#define FXLEN 80 /* length of file index */

Related referencefilesystems FileRelated informationbackup commandpack commandrestore commandFile systemsBackup methods

Files Reference 13

bincmds File

Purpose

Contains the shell commands that process audit bin data.

Description

The /etc/security/audit/bincmds file is an ASCII template file that contains the backend commands thatprocess audit binfile records. The path name of this file is defined in the bin stanza of the /etc/security/audit/config file.

This file contains command lines each composed of one or more commands with input and output thatcan be piped together or redirected. Although the commands usually are one or more of the audit systemcommands (the auditcat command, the auditpr command, the auditselect command), this is not arequirement.

As each bin file is filled by the kernel, the auditbin daemon invokes each command to process the binrecords, substituting the names of the current bin file and the audit trail file for any $trail and $bin stringsin the commands. Upon startup, if the auditbin daemon detects that the bin files require a recoveryprocedur

aix version 7...ntp.keys file 221 objects file 222

Documents