~/.rhosts

This file contains a list of hosts from which this user is allowed to initiate a remote session without additional authentication. For more information see the rhosts(4) man page.

command hostname username

dblow

-rw-r--r-- (644) root,sys

~/.sgisession

Applications placed in this file will be executed when the user logs in. For more information see the Desktop User's Guide.

command

-rw-r--r-- (644) root,sys

/var/adm/lastlog/username

These files record information for use by the login program about your last login.

A typical lastlog file might look like:

^A(:4ujohnsmith.other.place.com

dblow

-rw-r--r-- (644) root,sys

/var/adm/SYSLOG

This file contains a log of all events corresponding to those selected in the /etc/syslog.conf file. For more information see the syslog(3C) man page.

A typical SYSLOG file looks like:

Sep 2 01:01:39 mymachine syslogd: restart 
Sep 3 09:58:35 mymachine sendmail[21326]: AA21326: 
from=, size=2266, class=0 
Sep 3 10:02:32 mymachine sendmail[21336]: AA21336: 
from=, size=1605, class=0 
Sep 3 10:07:15 mymachine sendmail[21342]: AA21342: 
from=, size=2202, class=0 

dbadmin

-rw-r--r-- (644) root,sys

/var/adm/oSYSLOG

This file is a saved old version of the system log. For more information see the syslog(3C) man page.

A typical oSYSLOG has records of the form:

Sep 2 01:01:38 mymachine syslogd: restart 
Sep 3 15:26:12 mymachine sendmail[15324]: AA15324: 
from=, size=1027, class=0 
Sep 3 17:14:02 mymachine sendmail[15424]: AA15424: 
from=, size=1080, class=0 
Sep 3 17:44:03 mymachine sendmail[15461]: AA15461: 
from=, size=974, class=0 

dbadmin

-rw-r--r-- (644) root,sys

/var/adm/OLDsulog 

This file is used for backups of the sulog file. For more information see the sulog(4) man page.

Each entry in OLDsulog has the following form:

SU 09/09 10:21 + ttyq2 invoking user-new identity 

dbadmin

-rw------- (600) root,sys

/var/adm/sulog

This file contains a log of all uses of the su command. For more information see the sulog(4) man page.

Each entry in sulog has the following form:

SU 09/09 10:21 + ttyq2 invoking user-new identity 

dbadmin

-rw------- (600) root,sys

/var/adm/utmp

This file holds user information for such commands as who, write, and login. For more information about this file, see the utmp(4) man page.

Example:

struct utmp { 
char ut_user[8]; /*User login name*/ 
char ut_id[4]; /*/etc/inittab id usually line #)*/
char ut_line[12]; /* device name (console,lnxx)*/
short ut_pid; /*process id*/ 
short ut_type; /* type of entry */ 
struct exit_status { 
~~~~short ~~~~e_termination;/*termination status*/ 
~~~~short ~~~~e_exit; /* Process exit status */ 
}ut_exit; /*exit status of a process marked */ 
/* as a DEAD_PROCESS.*/ 
time_t ut_time; /* time entry was made */ 
};

dblow

-rw-r--r-- (644) root,sys

/var/adm/wtmp

This file contains one record per username with related information: inittab ID, device name connected to, process ID, type of entry (for example, a login process), exit status, and time the entry was made. For more information about this file see the utmp(4) man page.

Example:

struct utmp { 
char ut_user[8]; /* User login name */ 
char ut_id[4]; /*/etc/inittab id usually line #*/
char ut_line[12]; /* device name (console,lnxx) */ 
short ut_pid; /* process id */ 
short ut_type; /* type of entry */ 
struct exit_status { 
~~~~short ~~~~e_termination;/*termination status*/
~~~~short ~~~~e_exit; /* Process exit status */ 
} ut_exit; /* The exit status of a process marked as DEAD_PROCESS. */ 
time_t ut_time; /* time entry was made */ 
};

wildcard

-rw-rw-r-- (664) root,sys

/var/spool/lp/pstatus

Printer status information is stored in this file. For more information see the lpstat(1) man page.

Data file.

dbadmin

-rw-r--r-- (644) lp,sys

/var/spool/lp/qstatus

Print queue status information is stored in this file. For more information see the lpstat(1) man page.

Data file.

dbadmin

-rw-r--r-- (644) lp,sys

/dev/console

The console provides the operator interface to the system. The operating system and system utility programs display error messages on the system console.

The console is a logical terminal represented by a text window on the graphics monitor.

The evaluated configuration does not support the option of using a serial terminal.

The device special file /dev/console represents the system console. /dev/console is the slave side of pseudo-tty (see the pty(7) man page).

Special device file.

dblow

crw--w--w- (622) root,sys

/dev/klog

This the kernel error logging interface. When this device is open, messages printed by the kernel, which normally appear only in the system console window, also are buffered by the klog driver. The messages obtained by reading from this driver are the text of the kernel error messages.

Normally, this device is opened and read by syslogd, the system logging daemon.

For more information see the klog(7) man page.

Special device file.

dblow

crw-r--r-- (644) root,sys

/dev/kmem

This is a special file that is an image of the kernel virtual memory of the computer. It may be used, for example, to examine and even to patch the system memory. For more information see the kmem(7) man page.

dblow

crw-r----- (640) root,sys

/dev/log

This file is a named pipe that is read by syslogd as a source of system log messages. If a program writes error messages to /dev/log, syslogd receives the messages and places them in the system log. For more information see the log(7) man page.

Named pipe.

wildcard

prw-rw-rw- (666) root,sys

/dev/ptc

This file is the clonable pseudo-tty. For more information see the clone(7) man page.

wildcard

crw-rw-rw- (666) root,sys

/dev/tty

This file is, in each process, a synonym for the control terminal associated with the process group of that process, if any. For more information see the tty(1) man page.

wildcard

crw-rw-rw- (666) root,sys

/etc/TIMEZONE

This file contains the time zone (for example, EST), the hours of difference between the time zone and Greenwich time zone (for example, 5), and the alternative time zone (for example, EDT). All the information is in one line without any field separators. For more information see the timezone(4) man page.

TZ=timezone hours_from_GMT daylight_timezone

dblow

-rw-r--r-- (644) root,sys

/etc/aliases

This file contains the user and group aliases used by sendmail. For more information about this file see the aliases(4) man page.

dblow

-rw-r--r-- (644) root,sys

/etc/capability

This file specifies the capabilities allowed for each user account on the system. Capabilities allow a process to perform a specific set of restricted operations without granting privileged access to the entire system. This file contains the following information for each account:

For more information see the capability(4) man page.

The following is a sample capability file:

root:all+eip:all+eip
sysadm:all=:all=
auditor:CAP_AUDIT_WRITE,CAP_AUDIT_CONTROL,CAP_KILL+eip
dbadmin:all=:all=
ernie:all=:CAP_FOWNER,CAP_SETFCAP+eip
casey:all=:all+eip

dblow

-rw-r--r-- (644) root,sys

/etc/clearance

This is the user label file. This file contains the following information for each user:

For more information see the clearance(4) man page.

The following is a sample clearance file:

root:dblow:dblow...dbadmin
bill:userlow:userlow...userhigh

dblow

-rw-r--r-- (644) root,sys

/etc/cshrc

This file is the prototype .cshrc.

This file contains a sample of C-shell initialization commands. It is used as the default set of commands. For more information see the csh(1) man page.

dblow

-rw-r--r-- (644) root,sys

/etc/exports

This file describes the filesystem exported to NFS clients. For more information see the exports(4) man page.

dblow

-rw-r--r-- (644) root,sys

/etc/fstab

This file describes the filesystems and swapping partitions used by the local machine. For more information see the fstab(4) man page.

dblow

-rw-r--r-- (644) root,sys

/etc/gettydefs

This file contains information used by getty to set up the speed and terminal settings for a serial line. This file supplies information on what the login prompt should look like. It also supplies the speed to try next if the user indicates the current speed is not correct by typing a break character. For more information see the getty(1M) man page.

label# initial-flags # final-flags # login-prompt #next-label 

dblow

-rw-r--r-- (644) root,sys

/etc/group

This file is the definition file for user groups on the system. For more information see the group(4) man page,

groupname:epasswd:GID:[user1,user2]

dblow

-rw-r--r-- (644) root,sys

/etc/passwd

/etc/hosts

This file contains information regarding the known hosts on the network. For more information see the hosts(4) man page.

IP-address hostname alias[es]

dblow

-rw-r--r-- (644) root,sys

/etc/hosts.equiv

This file contains a list of trusted hosts. When an rlogin, rcp, or rsh request from a listed host is made and the initiator of the request is also listed in the /etc/passwd file, no further validity checking is done as long as the login name and user ID number of the user on the remote host are identical to the listing in the local /etc/passwd file. If these conditions are met, rlogin does not prompt for a password, and rcp, and rsh complete successfully. So a remote user is “equivalenced” to a local user with the same user name and user ID number when the remote user's host name is found in hosts.equiv.

For more information see the host.equiv(4) man page.

hostname 

dblow

-rw-r--r-- (644) root,sys

/etc/ioctl.syscon

This file defines the state of the console device. When init comes up at boot time, and whenever it switches out of single-user state to normal run states, it sets the ioctl states of the virtual console, /dev/console, to those modes saved in the file /etc/ioctl.syscon. This file is written by init whenever the single-user state is entered.

d26:1805:8bf:3b:0:3:1c:8:18:4:0:0:0:0:0:0 

dblow

-rw-r--r-- (644) root,sys

init

init

/etc/inetd.conf

This configuration file is read by inetd to control network services. For more information see the inetd(1M) man page.

dblow

-rw-r--r-- (644) root,sys

/etc/inittab

This file supplies the script to the init command's role as a general process dispatcher. The majority of init's process dispatching activity involves creating instances of the terminal line process, /etc/getty. Other processes typically dispatched by init are daemons and shells. For more information see the inittab(4) man page.

id:rstate:action:process

dblow

-rw-r--r-- (644) root,sys

/etc/mail/submit.cf

This is the configuration file for the mail submission program which is used to submit Emails as invoked by programs (or users). For more information about this file, see the sendmail(8) man page.

dblow

-rw-r--r-- (644) root,sys

/etc/motd

This file is used for the “Message of the Day.” The system administrator can freely edit this file. The /etc/motd file is displayed each time a user logs in. For more information see the motd(4) man page.

ASCII text file.

dblow

-rw-r--r-- (644) root,sys

/etc/nologin

If the file is present, remote user logins via the network are not permitted.

There is no syntax to this file. The existence of the file is all that is required.

dblow

-r--r--r-- (444) root,sys

login

login

/etc/opasswd

This file is a backup copy of /etc/passwd.

username:e_passwd[,Mmww|lock_char]:UID:GID:GECOS: $HOME:$SHELL 

dblow

-rw-r--r-- (644) root,sys

/etc/passwd

This file contains information about the user. For trusted systems, the encrypted password should not be stored in this file. The encrypted password is kept in /etc/shadow. The passwd file contains the following information for each user:

For more information see the passwd(1) man page.

username::UID:GID:GECOS: $HOME:$SHELL

dblow

-rw-r--r-- (644) root,sys

/etc/profile

This file is the prototype shell environment command file for use with /bin/sh. Commands in this file are executed when the shell starts up. For more information see the profile(4) man page.

ASCII text file.

dblow

-rw-r--r-- (644) root,sys

/etc/resolv.conf

This configuration file has several functions. It defines the default domain or the default domain search list. It specifies the ordering of host resolution services used by gethostbyname and gethostbyaddr. It lists Internet addresses of name servers. For more information see the resolv.conf(4) man page.

dblow

-rw-r--r-- (644) root,sys

/etc/rhost.conf

This file is the configuration file for the remote login and remote shell programs. It specifies the parameters under which remote logins and shells are allowed on your system from systems that share your security policy and those that do not. Default capability sets and allowed login labels are specified here. For more information see the rhost(1M) man page.

dblow

-rw------- (600) root,sys

/etc/sendmail.cf

This is the configuration file for sendmail running as the mail transmission agent. It is used in conjunction with the auto configuration script configmail. For more information about this file, see the sendmail(8) man page.

dblow

-rw-r--r-- (644) root,sys

/etc/services

The /etc/services file contains information regarding the known services available in the Internet. For more information see the services(4) man page.

Example syntax:

smtp 25/tcp mail

dblow

-rw-r--r-- (644) root,sys

/etc/shadow

This is the user password file. This file contains the following information for each user:

For more information see the shadow(4) man page.

The following is a sample shadow file:

root:kEXFeXFTPoxE
bill:6k/7KCFRPNVXg,z/

dblow

-rw------- (600) root,sys

/etc/sys_id

This file contains the name by which the system is known on the network. For more information see the sys_id(4) man page.

hostname

dblow

-rw-r--r-- (644) root,sys

/etc/syslog.conf

This file directs the system log daemon (syslogd) to log messages in a given set of files. Each log message in a logfile is one line. For more information about this file see the syslogd(1M) man page.

An example syslog.conf file:

kern.debug |/usr/adm/klogpp /usr/adm/SYSLOG
kern.debug |/usr/adm/klogpp /dev/console 
daemon,auth,syslog,lpr.debug /usr/adm/SYSLOG 
kern.err @ginger 
*.emerg * 
*.alert eric,beth 
*.alert;auth.warning ralph

dblow

-rw-r--r-- (644) root,sys

/etc/ttytype

This file contains a list of the tty ports on the system and, for each port, the kind of terminal that is attached to it. For more information see the ttytype(4) man page.

Example:

iris-ansi console 
iris-ansi systty 
vt100 ttyd1 
?h19 ttyd2 
?h19 ttyd3 
?v50am ttyd4 
?v50am ttyd5 
?v50am ttyd6 
?v50am ttyd7 
?v50am ttyd8 
?v50am ttyd9 
?v50am ttyd10 
?v50am ttyd11 
?v50am ttyd12

dblow

-rw-r--r-- (644) root,sys

/etc/config/acct

This file contains either the word “on” or “off.” If it contains “on,” process accounting is turned on by default. If it contains the word “off,” process accounting is not run by default. For more information about this file see the acct(1M) man page.

The word “on” or “off.”

dblow

-rw-r--r-- (644) root,sys

/etc/config/automount

This file is used by the system to direct NFS to automatically mount network filesystems or not to mount them. For more information about this file see the automount(1M) man page.

The word “on” or “off.”

dblow

-rw-r--r-- (644) root,sys

/etc/config/automount.options

This file contains the command-line options used by the automount command. For more information about this file see the automount(1M) man page.

dblow

-r--r--r-- (444) root,sys

/etc/default/config

This file controls the default actions of the login program, such as the number of unsuccessful attempts to log in or the timeout period while waiting for a password. This file is described in the login(4) man page.

Example:

maxtries=5
disabletime=30
passwdreq

dblow

-rw-r--r-- (644) root,sys

/etc/config/named

This file directs the system to spawn or not to spawn the named domain name server. For more information about this file see the named(1M) man page.

The word “on” or “off.”

dblow

-rw-r--r-- (644) root,sys

/etc/config/network

This file is used by the system to direct NFS to spawn the lock and status daemons or not to spawn them. For more information about this file see the network(1M) man page.

The word “on” or “off.”

dblow

-rw-r--r-- (644) root,sys

/etc/config/nfs

This file is used by the system to start the NFS daemons and mount the network filesystems. For more information about this file see the nfs(4) man page.

The word “on” or “off.”

dblow 

-rw-r--r-- (644) root,sys

init

/etc/config/rwhod

This file directs the system to spawn or not to spawn the rwhod server daemon. For more information about this file see the rwhod(1M) man page.

The word “on” or “off.”

dblow

-rw-r--r-- (644) root,sys

/etc/config/satd.options

This option file contains saved satd options. A flag to satd fills this file with the current satd options.

dblow

-rw-r--r-- (644) root,sys

/etc/config/sat_select.options

This file contains saved options to sat_select. A flag to sat_select fills this file with the current sat_select options. For more information about this file see the sat_select(1M) man page.

dblow

-rw-r--r-- (644) root,sys

/etc/config/syslogd.options

This file contains command line options for the syslogd program. syslogd reads and logs messages into a set of files. For information about the syslogd program see the syslogd(1M) man page.

Optional site-specific flags belong in the options file. The available flags are:

-f – Specify an alternate configuration file.

-m – Select the number of minutes between mark messages.

-d – Turn on debugging.

-p – Use the given name for the named pipe instead of /dev/log.

dblow

-rw-r--r-- (644) root,sys

/etc/config/timed

This file directs the system to spawn or not to spawn the timed clock controlling daemon. For more information about timed, see the timed(1M) man page.

The word “on” or “off.”

dblow

-rw-r--r-- (644) root,sys

/etc/config/timed.options

This file contains the default optional flags used by timed, the time daemon used to synchronize the host's time with the time of other machines in a local area network. For more information see the timed(1M) man page.

Default:

-G timelords -P /var/adm/timetrim

dblow

-rw-r--r-- (644) root,sys

This field associates a human readable text name with the category number. Typically, the category number is used to identify projects or areas (categories) of information. A category allows labels to have the same sensitivity level (such as proprietary) but different security labels by having different categories (such as a category named cashew and a category named pistachio).

A categorynames field might look like:

black:category:0xa 
blue:category:0xb 
green:category:0x3f 
lavender:category:0x6e 
orange:category:0x3c 
pink:category:0x96 
purple:category:0x97 
red:category:0xaa 
violet:category:0xd2 
white:category:0xdc

This field associates a human readable text name with the division number. The division number is a non-hierarchical value that indicates a grade type that this label includes. Typically, the division number is used to identify projects or areas (categories) of integrity. A division allows labels to have the same grade (such as highest grade), and to have different security labels by having different divisions (such as a division named cookie and a division named fudge).

A divisionnames field might look like this:

IRIXsuperuser:division:0x1 
IRIXdbadmin:division:0x2 
IRIXinit:division:0x3
apple pie:division:0x65
cake:division:0x78 
chocolate:division:0x79 
cookie:division:0x7a 
custard:division:0x7c 
fudge:division:0x96

This field associates a human readable ASCII text name with the grade value. The grade value is a hierarchical value that indicates how trustworthy the label is. For example, the grade could have names such as Dubious, Suspect, Normal, Confident, Verified, TheTruth, and so on.

A gradenames field might look like this:

lowestgrade:grade:0x1 
lowest grade:grade:0x1
good:grade:0x1c 
choice:grade:0x50 
prime:grade:0xfe
best:grade:0xff 
highestgrade:grade:0x10
highest grade:grade:0x10

This field defines all the possible security labels in an ASCII text format. It associates an ASCII text name with a security label. This field defines the name of the security label, and the MSEN type, sensitivity level, MINT type, grade, categories and divisions. Interpretation of this field relies on the msentypenames, levelnames, minttypenames, gradenames, categorynames, and divisionnames data files to define components that are specified by name rather than by number.

A labelnames field might look like this:

label1:alias:”msenlow/minthigh”
label2:alias:msenlow/mintlow 
label3:alias:msentcsec,proprietary/minbiba,best

This field associates a human readable ASCII text name with the sensitivity level value. The sensitivity level is a hierarchical value that indicates how sensitive the label is. For example, the sensitivity level could have names such as Sensitive, Classified, Secret, Top Secret, and so on.

A typical levelnames field looks something like this:

# This is a comment line.
public:level:0x69
proprietary:level:0x2e 
company sensitive:leve:0x28 
company confidential:level:0x32
executive committee only:level:0x33

This field maps the MINT (Mandatory Integrity) type of a security label from an ASCII name to the numeric value.

The default minttypenames field on your system looks like this:

MintBiba:minttype:0x62
MintEqual:minttype:0x65 
MintHigh:minttype:0x68 
MintLow:minttype:0x6c 

This field maps the MSEN type of a security label from an ASCII name to the numeric value.

The default msentypenames field on your system looks like this:

MsenAdmin:msentype:0x41 
MsenEqual:msentype:0x45 
MsenHigh:msentype:0x48 
MsenMldHigh:msentype:0x49 
MsenLow:msentype:0x4c 
MsenMld:msentype:0x4d 
MsenMldLow:msentype:0x4e 
MsenTcsec:msentype:0x54 

/usr/lib/X11/xdm/Xresources

This file contains default information about your X environment. For more information see the XDM(1) man page.

The default Xresources file looks like this:

xlogin*login.translations: #override 
<key> F1: set-session-argument(failsafe) finish-field() 
<key> Return: set-session-argument() finish-field() 
xlogin*borderWidth: 3 
#ifdef COLOR 
xlogin*greetColor: #f63 
xlogin*failColor: red 
xlogin*Foreground: black 
xlogin*Background: #fdc 
#else 
xlogin*Foreground: black 
xlogin*Background: white 
#endif

dblow

-r--r--r-- (444) root,sys