DOCSLIB.ORG

HP-UX Reference

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

HP-UX Reference Section 1: User Commands (N-Z) HP-UX 11i Version 2 Volume 2 of 9 Manufacturing Part Number : B2355-90780 Printed In USA E0803 Printed in USA © Copyright 1983-2003 Hewlett-Packard Development Company LP. Legal Notices The information in this document is subject to change without notice. Hewlett-Packard makes no warranty of any kind with regard to this manual, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. Hewlett-Packard shall not be held liable for errors contained herein or direct, indirect, special, incidental or consequential damages in connection with the furnishing, performance, or use of this material. Use of this document and any supporting software media is restricted to this product only. Additional copies of the programs may be made for security and back-up purposes only. Resale of the programs, in their present form or with alterations, is expressly prohibited. Warranty A copy of the specific warranty terms applicable to your Hewlett-Packard product and replacement parts can be obtained from your local Sales and Service Office. U.S. Government License Proprietary computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data forCommercial Items are licensed to the U.S. Government under vendor’s standard commercial license. Copyright Notices Reproduction, adaptation, or translation of this document without prior written permission is prohibited, except as allowed under the copyright laws. This document and the software it describes may also be protected under one or more of the following copyrights. Additional copyrights are acknowledged in some individual manpages. Copyright 1983-2003 Hewlett-Packard Development Company, LP. Copyright 1979, 1980, 1983, 1985-1993 The Regents of the University of California. ii Copyright 1980, 1984, 1986 Novell, Inc. Copyright 1985, 1986, 1988 Massachusetts Institute of Technology Copyright 1986-2000 Sun Microsystems, Inc. Copyright 1988 Carnegie Mellon University Copyright 1989-1991 The University of Maryland Copyright 1989-1993 The Open Software Foundation, Inc. Copyright 1990 Motorola, Inc. Copyright 1990-1992 Cornell University Copyright 1991-2003 Mentat, Inc. Copyright 1996 Morning Star Technologies, Inc. Copyright 1996 Progressive Systems, Inc. Trademark Notices Intel and Itanium are registered trademarks of Intel Corporation in the US and other countries and are used under license. Java is a US trademark of Sun Microsystems, Inc. Microsoft and MS-DOS are U.S. registered trademarks of Microsoft Corporation. OSF/Motif is a trademark of The Open Group in the US and other countries. UNIX is a registered trademark of The Open Group. X Window System is a trademark of The Open Group. iii Revision History This document’s printing date and part number indicate its edition. The printing date changes when a new edition is printed. (Minor corrections and updates which are incorporated at reprint do not cause the date to change.) New editions of this manual incorporate all material updated since the previous edition. Part Number Date, Release, Format, Distribution B2355-60103 August 2003. HP-UX release 11i version 2, one volume HTML, docs.hp.com and Instant Information. B2355-90779-87 August 2003. HP-UX release 11i version 2, nine volumes PDF, docs.hp.com and print. B9106-90010 June 2002. HP-UX release 11i version 1.6, one volume HTML, docs.hp.com and Instant Information. B9106-90007 June 2001. HP-UX release 11i version 1.5, seven volumes HTML, docs.hp.com and Instant Information. B2355-90688 December 2000. HP-UX release 11i version 1, nine volumes. B2355-90166 October 1997. HP-UX release 11.0, five volumes. B2355-90128 July 1996. HP-UX release 10.20, five volumes, online only. B2355-90052 July 1995. HP-UX release 10.0, four volumes. Conventions We use the following typographical conventions. audit (5) An HP-UX manpage. audit is the name and 5 is the section in the HP-UX Reference. On the web and on the Instant Information CD, it may be a hot link to the iv manpage itself. From the HP-UX command line, you can enter “man audit” or “man 5 audit” to view the manpage. See man (1). Book Title The title of a book. On the web and on the Instant Information CD, it may be a hot link to the book itself. KeyCap The name of a keyboard key. Note that Return and Enter both refer to the same key. Emphasis Text that is emphasized. Emphasis Text that is strongly emphasized. ENVIRONVAR The name of an environment variable. [ERRORNAME] The name of an error number, usually returned in the errno variable. Term The defined use of an important word or phrase. ComputerOutput Text displayed by the computer. UserInput Commands and other text that you type. Command A command name or qualified command phrase. Variable The name of a variable that you may replace in a command or function or information in a display that represents several possible values. [] The contents are optional in formats and command descriptions. If the contents are a list separated by |, you may choose one of the items. {} The contents are required in formats and command descriptions. If the contents are a list separated by |, you must choose one of the items. ... The preceding element may be repeated an arbitrary number of times. | Separates items in a list of choices. v vi Preface HP-UX is the Hewlett-Packard Company’s implementation of an operating system that is compatible with various industry standards. It is based on the UNIX System V Release 4 operating system and includes important features from the Fourth Berkeley Software Distribution. The nine volumes of this manual contain the system reference documentation, made up of individual entries called manpages, named for the man command that displays them on the system. The entries are also known as manual pages or reference pages. General For a general introduction to HP-UX and the structure and format of the Introduction manpages, please see the introduction (9) manpage in volume 9. Section The manpages are divided into sections that also have introduction Introductions (intro) manpages that describe the contents. These are: intro (1) Section 1: User Commands (A-M in volume 1; N-Z in volume 2) intro (1M) Section 1M: System Administration Commands (A-M in volume 3; N-Z in volume 4) intro (2) Section 2: System Calls (in volume 5) intro (3C) Section 3: Library Functions (A-M in volume 6; N-Z in volume 7) intro (4) Section 4: File Formats (in volume 8) intro (5) Section 5: Miscellaneous Topics (in volume 9) intro (7) Section 7: Device (Special) Files (in volume 9) intro (9) Section 9: General Information (in volume 9) vii viii Volume Two Table of Contents Section 1 Volume Two Table of Contents Section 1 Table of Contents Volumes One and Two Section 1: User Commands Entry Name(Section): name Description intro(1): intro ................................................... introduction to command utilities and application programs adb(1): adb ............................................................................................................................ absolute debugger adjust(1): adjust ............................................................................................................ simple text formatter admin(1): admin ........................................................................................... create and administer SCCS files alias: substitute command and/or file name .............................................................................. see sh-posix(1) alias: substitute command and/or filename ........................................................................................ see csh(1) alias: substitute command and/or filename ........................................................................................ see ksh(1) alloc: show dynamic memory usage ................................................................................................... see csh(1) answer(1): answer .................................................................................. phone message transcription system ar(1): ar ............................................................................................. maintain portable archives and libraries as(1): as ................................................................................................. assembler (Itanium Processor Family) asa(1): asa ....................................................................................... interpret ASA carriage control characters at(1): at, batch ..................................................... execute batched commands immediately or at a later time attributes(1): attributes .................................................................................................. describe audio file awk(1): awk .............................................................................. text pattern scanning and processing language banner(1): banner ............................................................................................... make posters in large letters basename(1): basename, dirname .................................................................. extract portions of path names batch: execute batched commands immediately .................................................................................. see at(1) bc(1): bc .............................................................................................
Recommended publications
  • Pluggable Authentication Modules

    Pluggable Authentication Modules

    Who this book is written for This book is for experienced system administrators and developers working with multiple Linux/UNIX servers or with both UNIX and Pluggable Authentication Windows servers. It assumes a good level of admin knowledge, and that developers are competent in C development on UNIX-based systems. Pluggable Authentication Modules PAM (Pluggable Authentication Modules) is a modular and flexible authentication management layer that sits between Linux applications and the native underlying authentication system. The PAM framework is widely used by most Linux distributions for authentication purposes. Modules Originating from Solaris 2.6 ten years ago, PAM is used today by most proprietary and free UNIX operating systems including GNU/Linux, FreeBSD, and Solaris, following both the design concept and the practical details. PAM is thus a unifying technology for authentication mechanisms in UNIX. This book provides a practical approach to UNIX/Linux authentication. The design principles are thoroughly explained, then illustrated through the examination of popular modules. It is intended as a one-stop introduction and reference to PAM. What you will learn from this book From Technologies to Solutions • Install, compile, and configure Linux-PAM on your system • Download and compile third-party modules • Understand the PAM framework and how it works • Learn to work with PAM’s management groups and control fl ags • Test and debug your PAM confi guration Pluggable Authentication Modules • Install and configure the pamtester utility
  • Strong Distributed Authentication Architecture for UNIX Ashwin Ganti

    Strong Distributed Authentication Architecture for UNIX Ashwin Ganti

    University of Illinois at Chicago Strong Distributed Authentication Architecture for UNIX by Ashwin Ganti A PROJECT SUBMITTED IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE MASTER OF SCIENCE in COMPUTER SCIENCE Approved, MASTERS PROJECT COMMITTEE Jon Solworth, Adviser Associate Professor of Computer Science V.N. Venkatakrishnan Assistant Professor of Computer Science Chicago, Illinois December, 2007 This project is dedicated to my family. Acknowledgments I would like to thank my adviser Jon Solworth for his invaluable guidance throughout the course of the research for this project and for having been most patient and supportive of me during the entire duration of my time in graduate school. Ashwin 2 Contents 1 Introduction 7 2 Overview of the Frameworks used 9 2.1 PAM........................................ 10 2.2 Name Service Module . 11 2.3 IPSec . 12 3 System Design 12 3.1 Statics . 12 3.1.1 Modules of the system . 12 3.1.2 Relation between the Modules . 13 3.1.3 SayAnything Certificates Used . 13 3.1.4 Relation between certificates . 15 3.2 Dynamics - Logical Flow . 17 4 System Internals 18 4.1 pam sayAnything . 18 4.2 nss sayAnything . 18 4.2.1 getpwuid (uid t uid) . 19 4.2.2 getpwnam (char* name) . 20 4.2.3 setpwent (void) . 20 4.2.4 getpwent (void) . 20 4.2.5 endpwent (void) . 21 4.3 sayAnything Agent . 21 4.3.1 Overview . 22 4.3.2 Logical Flow . 22 4.4 Certificate Server . 24 3 4.4.1 Add Certificate . 24 4.4.2 Get Certificate . 24 5 System Administration 25 5.1 pam sayAnything .
  • Freebsd File Formats Manual Libarchive-Formats (5)

    Freebsd File Formats Manual Libarchive-Formats (5)

    libarchive-formats (5) FreeBSD File Formats Manual libarchive-formats (5) NAME libarchive-formats —archive formats supported by the libarchive library DESCRIPTION The libarchive(3) library reads and writes a variety of streaming archive formats. Generally speaking, all of these archive formats consist of a series of “entries”. Each entry stores a single file system object, such as a file, directory,orsymbolic link. The following provides a brief description of each format supported by libarchive,with some information about recognized extensions or limitations of the current library support. Note that just because a format is supported by libarchive does not imply that a program that uses libarchive will support that format. Applica- tions that use libarchive specify which formats theywish to support, though manyprograms do use libarchive convenience functions to enable all supported formats. TarFormats The libarchive(3) library can read most tar archives. However, itonly writes POSIX-standard “ustar” and “pax interchange” formats. All tar formats store each entry in one or more 512-byte records. The first record is used for file metadata, including filename, timestamp, and mode information, and the file data is stored in subsequent records. Later variants have extended this by either appropriating undefined areas of the header record, extending the header to multiple records, or by storing special entries that modify the interpretation of subsequent entries. gnutar The libarchive(3) library can read GNU-format tar archives. It currently supports the most popular GNU extensions, including modern long filename and linkname support, as well as atime and ctime data. The libarchive library does not support multi-volume archives, nor the old GNU long filename format.
  • IT Acronyms.Docx

    IT Acronyms.Docx

    List of computing and IT abbreviations /.—Slashdot 1GL—First-Generation Programming Language 1NF—First Normal Form 10B2—10BASE-2 10B5—10BASE-5 10B-F—10BASE-F 10B-FB—10BASE-FB 10B-FL—10BASE-FL 10B-FP—10BASE-FP 10B-T—10BASE-T 100B-FX—100BASE-FX 100B-T—100BASE-T 100B-TX—100BASE-TX 100BVG—100BASE-VG 286—Intel 80286 processor 2B1Q—2 Binary 1 Quaternary 2GL—Second-Generation Programming Language 2NF—Second Normal Form 3GL—Third-Generation Programming Language 3NF—Third Normal Form 386—Intel 80386 processor 1 486—Intel 80486 processor 4B5BLF—4 Byte 5 Byte Local Fiber 4GL—Fourth-Generation Programming Language 4NF—Fourth Normal Form 5GL—Fifth-Generation Programming Language 5NF—Fifth Normal Form 6NF—Sixth Normal Form 8B10BLF—8 Byte 10 Byte Local Fiber A AAT—Average Access Time AA—Anti-Aliasing AAA—Authentication Authorization, Accounting AABB—Axis Aligned Bounding Box AAC—Advanced Audio Coding AAL—ATM Adaptation Layer AALC—ATM Adaptation Layer Connection AARP—AppleTalk Address Resolution Protocol ABCL—Actor-Based Concurrent Language ABI—Application Binary Interface ABM—Asynchronous Balanced Mode ABR—Area Border Router ABR—Auto Baud-Rate detection ABR—Available Bitrate 2 ABR—Average Bitrate AC—Acoustic Coupler AC—Alternating Current ACD—Automatic Call Distributor ACE—Advanced Computing Environment ACF NCP—Advanced Communications Function—Network Control Program ACID—Atomicity Consistency Isolation Durability ACK—ACKnowledgement ACK—Amsterdam Compiler Kit ACL—Access Control List ACL—Active Current
  • Implementing Infiniband on IBM System P

    Implementing Infiniband on IBM System P

    Front cover Implementing InfiniBand on IBM System p Understanding and exploiting InfiniBand HPC and commercial solution explored AIX 5L V5.3 and SLES 9 implementation Dino Quintero Norbert Conrad Rob Desjarlais Marc-Eric Kahle Jung-Hoon Kim Hoang-Nam Nguyen Tony Pirraglia Fernando Pizzano Robert Simon Shi Lei Yao Octavian Lascu ibm.com/redbooks International Technical Support Organization Implementing InfiniBand on IBM System p September 2007 SG24-7351-00 Note: Before using this information and the product it supports, read the information in “Notices” on page ix. First Edition (September 2007) This edition applies to Version 5, Release 3, Modification 4, APAR IY84006 of AIX 5L, of SUSE LINUX Enterprise Server 9 for POWER Service Pack 3, SLES 9 SP3 and Release 6, Version 1.0 and APAR MB01795 of the Hardware Management Console (HMC). © Copyright International Business Machines Corporation 2007. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Notices . ix Trademarks . x Preface . xi The team that wrote this book . xi Become a published author . xiv Comments welcome. xv Part 1. InfiniBand architecture. 1 Chapter 1. Introduction. 3 1.1 Introduction to InfiniBand. 4 Chapter 2. Introduction to InfiniBand technology . 7 2.1 A technical introduction to InfiniBand . 9 2.2 Markets . 10 2.3 Application clustering . 11 2.4 I/O architectures: fabric versus bus. 12 2.4.1 Shared bus architecture . 13 2.4.2 New interconnects compliment InfiniBand . 13 2.4.3 Bandwidth out of the box. 14 2.5 InfiniBand technical overview .
  • 1977 , Volume , Issue July-1977

    1977 , Volume , Issue July-1977

    JIM 1977 HEWLE1TPACKARD JOURNAL \ m •: "ik, ;», > i © Copr. 1949-1998 Hewlett-Packard Co. Small Computer System Supports Large-Scale Multi-User APL Powerful, interactive APL is now available for the multi lingual HP 3000 Series II Computer System. A special terminal displays the APL character set. by Kenneth A. Van Bree APL (A PROGRAMMING LANGUAGE) is an compiler allows computation to be avoided in many interactive language that allows access to the full cases, and eliminates the need for many temporary power of a large computer while maintaining a user variables to store intermediate results. interface as friendly as a desktop calculator. APL One problem that has always plagued APL users is is based on a notation developed by Dr. Kenneth the limited size of most APL workspaces. A work Iverson1 of IBM Corporation over a decade ago, and space in APL is a named data area that contains all the has been growing in popularity in both the business data variables and functions that relate to a particular and scientific community. The popularity of APL stems from its powerful primitive operations and data structures , coupled with its ease of programming Cover: In the foreground, and debugging. Model 2641 A APL Display Most versions of APL to date have been on large and Station demonstrates its therefore expensive computers. Because of the ex role as the principal user pense involved in owning a computer large enough to interface for APL3000, an run APL, most of the use of APL outside of IBM has enhanced version of APL (A been through commercial timesharing companies.
  • CDE: Run Any Linux Application On-Demand Without Installation

    CDE: Run Any Linux Application On-Demand Without Installation

    CDE: Run Any Linux Application On-Demand Without Installation Philip J. Guo Stanford University [email protected] Abstract with compiling, installing, and configuring software and their myriad of dependencies. For example, the official There is a huge ecosystem of free software for Linux, but Google Chrome help forum for “install/uninstall issues” since each Linux distribution (distro) contains a differ- has over 5800 threads. ent set of pre-installed shared libraries, filesystem layout In addition, a study of US labor statistics predicts that conventions, and other environmental state, it is difficult by 2012, 13 million American workers will do program- to create and distribute software that works without has- ming in their jobs, but amongst those, only 3 million will sle across all distros. Online forums and mailing lists be professional software developers [24]. Thus, there are are filled with discussions of users’ troubles with com- potentially millions of people who still need to get their piling, installing, and configuring Linux software and software to run on other machines but who are unlikely their myriad of dependencies. To address this ubiqui- to invest the effort to create one-click installers or wres- tous problem, we have created an open-source tool called tle with package managers, since their primary job is not CDE that automatically packages up the Code, Data, and to release production-quality software. For example: Environment required to run a set of x86-Linux pro- grams on other x86-Linux machines. Creating a CDE • System administrators often hack together ad- package is as simple as running the target application un- hoc utilities comprised of shell scripts and custom- der CDE’s monitoring, and executing a CDE package re- compiled versions of open-source software, in or- quires no installation, configuration, or root permissions.
  • IDOL Keyview PDF Export SDK 12.6 C Programming Guide

    IDOL Keyview PDF Export SDK 12.6 C Programming Guide

    KeyView Software Version 12.6 PDF Export SDK C Programming Guide Document Release Date: June 2020 Software Release Date: June 2020 PDF Export SDK C Programming Guide Legal notices Copyright notice © Copyright 1997-2020 Micro Focus or one of its affiliates. The only warranties for products and services of Micro Focus and its affiliates and licensors (“Micro Focus”) are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice. Documentation updates The title page of this document contains the following identifying information: l Software Version number, which indicates the software version. l Document Release Date, which changes each time the document is updated. l Software Release Date, which indicates the release date of this version of the software. To check for updated documentation, visit https://www.microfocus.com/support-and-services/documentation/. Support Visit the MySupport portal to access contact information and details about the products, services, and support that Micro Focus offers. This portal also provides customer self-solve capabilities. It gives you a fast and efficient way to access interactive technical support tools needed to manage your business. As a valued support customer, you can benefit by using the MySupport portal to: l Search for knowledge documents of interest l Access product documentation l View software vulnerability alerts l Enter into discussions with other software customers l Download software patches l Manage software licenses, downloads, and support contracts l Submit and track service requests l Contact customer support l View information about all services that Support offers Many areas of the portal require you to sign in.
  • Forcepoint DLP Supported File Formats and Size Limits

    Forcepoint DLP Supported File Formats and Size Limits

    Forcepoint DLP Supported File Formats and Size Limits Supported File Formats and Size Limits | Forcepoint DLP | v8.8.1 This article provides a list of the file formats that can be analyzed by Forcepoint DLP, file formats from which content and meta data can be extracted, and the file size limits for network, endpoint, and discovery functions. See: ● Supported File Formats ● File Size Limits © 2021 Forcepoint LLC Supported File Formats Supported File Formats and Size Limits | Forcepoint DLP | v8.8.1 The following tables lists the file formats supported by Forcepoint DLP. File formats are in alphabetical order by format group. ● Archive For mats, page 3 ● Backup Formats, page 7 ● Business Intelligence (BI) and Analysis Formats, page 8 ● Computer-Aided Design Formats, page 9 ● Cryptography Formats, page 12 ● Database Formats, page 14 ● Desktop publishing formats, page 16 ● eBook/Audio book formats, page 17 ● Executable formats, page 18 ● Font formats, page 20 ● Graphics formats - general, page 21 ● Graphics formats - vector graphics, page 26 ● Library formats, page 29 ● Log formats, page 30 ● Mail formats, page 31 ● Multimedia formats, page 32 ● Object formats, page 37 ● Presentation formats, page 38 ● Project management formats, page 40 ● Spreadsheet formats, page 41 ● Text and markup formats, page 43 ● Word processing formats, page 45 ● Miscellaneous formats, page 53 Supported file formats are added and updated frequently. Key to support tables Symbol Description Y The format is supported N The format is not supported P Partial metadata
  • Oracle Solaris Administration Naming and Directory Services

    Oracle Solaris Administration Naming and Directory Services

    Oracle® Solaris Administration: Naming and Directory Services Part No: 821–1455–11 December 2011 Copyright © 2002, 2011, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract,and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle America, Inc., 500 Oracle Parkway, Redwood City, CA 94065.
  • Unix Command

    Unix Command

    Veloce descrizione di comandi Unix Buona parte dei comandi dell’elenco seguente fanno parte della distribuzione standard di molte architetture Unix. Per i dettagli vedere le relative pagine di manuale, invocabili con il comando "man topic". a2p convertitore awk - perl amstex AmSTeX language create, modify, and extract from archives (per creare ar librerie) arch print machine architecture at, batch, atq, atrm - queue, examine or delete jobs for later at execution awk gawk - pattern scanning and processing language basename strip directory and suffix from filenames bash GNU Bourne-Again SHell bc An arbitrary precision calculator language bibtex make a bibliography for (La)TeX c++ GNU project C++ Compiler cal displays a calendar cat concatenate files and print on the standard output cc gcc, g++ - GNU project C and C++ Compiler checkalias usage: /usr/bin/checkalias alias .. chfn change your finger information chgrp change the group ownership of files chmod change the access permissions of files chown change the user and group ownership of files chsh change your login shell cksum checksum and count the bytes in a file clear clear terminal screen cmp compare two files col filter reverse line feeds from input column columnate lists comm compare two sorted files line by line compress compress, uncompress, zcat - compress and expand data cp copy files cpio copy files to and from archives tcsh - C shell with file name completion and command line csh editing csplit split a file into sections determined by context lines cut remove sections from each
  • Computer System Administration. Topic 3. Active Directory Integration Mechanisms: PAM + NSS (Sssd)

    Computer System Administration. Topic 3. Active Directory Integration Mechanisms: PAM + NSS (Sssd)

    Computer System Design and Administration Topic 3. Active directory integration mechanisms: PAM + NSS (SSSd) José Ángel Herrero Velasco Department of Computer and Electrical Engineering This work is published under a License: Creative Commons BY-NC-SA 4.0 Computer System Design and Administration Topic 3. Active directory integration mechanisms: PAM + NSS (SSSd) Secure information service: Puzzle Information server LDAP clients Active Directory client Open OpenLDAP LDAP model LDAP DB SSL SSL service ” SSL Main SSH server sign-on ISC ISC ISC Third-party service DHCP DNS NTP client services Secondary Single Single Open “ LDAP DB service SSH client LDAP SSL SSL Replicated José Ángel Herrero Velasco Computer System Design and Administration Topic 3. Active directory integration mechanisms: PAM + NSS (SSSd) Target: The Single Sing-On mechanisms • Implementaon and development of a secure and centralized system for the management of account and computa*onal informaon in an enterprise (corporave) environment, using LDAP protocol. – Single Sing-On INTEGRATION mechanisms: • LDAP ac?ve directory Open DB LDAP LDAP • Centralized idenficaon and authencaon aware versions of C-library rou)nes – Identy NSS. SSSd (all in one). – Authen?cate PAM. José Ángel Herrero Velasco Computer System Design and Administration Topic 3. Active directory integration mechanisms: PAM + NSS (SSSd) PAM: Definition & features • P.A.M: Pluggable Authen+ca+on Modules: – Ini)ally developed by Sun Microsystems (Oracle) from 1995 (RFC 86.0). • Definion: – It’s a suite of shared libraries that: • Enables integrang mul+ple authen*caon schemas into an API which is used by applicaons: – PAM-aware applica?ons, through this API, are able to select the authencaon mechanism(s) that it uses: » Currently, by default.