Security Attributes in Files and Their Corresponding SMF Properties

Language:

The following tables list the variable names of security attributes in the files in the /etc directory and their corresponding SMF properties in the account-policy service.

Figure 6, Table 6, Login Security Attributes in Files and SMF
Figure 7, Table 7, Password Security Attributes in Files and SMF
Figure 8, Table 8, User Account Security Attributes in Files and SMF
Figure 9, Table 9, User Environment Security Attributes in Files and SMF
Figure 10, Table 10, Logging and su Security Attributes in Files and SMF

The SMF properties in Figure 6, Table 6, Login Security Attributes in Files and SMF can be modified when the config/etc_default_login stencil in the account-policy service is enabled.

Table 6 Login Security Attributes in Files and SMF

Variable Name	Legacy File	SMF Property
`ANNOTATION`	`/etc/security/policy.conf`	`login_policy/annotation`
`CLEARANCE`	`/etc/security/policy.conf`	`login_policy/clearance`
`CONSOLE`	`/etc/default/login`	`login_policy/root_login_device`
`DISABLETIME`	`/etc/default/login`	`login_policy/disabletime`
`LOCK_AFTER_RETRIES`	`/etc/security/policy.conf`	`login_policy/lock_after_retries`
`PAM_POLICY`	`/etc/security/policy.conf`	`login_policy/pam_policy`
`PASSREQ`	`/etc/default/login`	`login_policy/password_required`
`RETRIES`	`/etc/default/login`	`login_policy/retries`
`SLEEPTIME`	`/etc/default/login`	`login_policy/sleeptime`
`TIMEOUT`	`/etc/default/login`	`login_policy/timeout`
`UNLOCK_AFTER`	`/etc/security/policy.conf`	`login_policy/auto_unlock_time`

The SMF properties in Figure 7, Table 7, Password Security Attributes in Files and SMF can be modified when the config/etc_default_passwd stencil in the account-policy service is enabled.

Table 7 Password Security Attributes in Files and SMF

Variable Name	Legacy File	SMF Property
`CRYPT_DEFAULT`	`/etc/security/policy.conf`	`password/crypt/default`
`CRYPT_ALGORITHMS_ALLOW`	`/etc/security/policy.conf`	`password/crypt/algorithms_allow`
`CRYPT_ALGORITHMS_DEPRECATE`	`/etc/security/policy.conf`	`password/crypt/algorithms_deprecate`
`DICTIONDBDIR`	`/etc/default/passwd`	`password/dictionary/db_dir`
`DICTIONLIST`	`/etc/default/passwd`	`password/dictionary/word_list`
`DICTIONMINWORDLENGTH`	`/etc/default/passwd`	`password/dictionary/min_word_length`
`HISTORY`	`/etc/default/passwd`	`password/history`
`MAXDAYS`	`/etc/default/passwd`	`password/aging_defaults/max_days`
`MAXREPEATS`	`/etc/default/passwd`	`password/complexity/max_repeats`
`MAXWEEKS`	`/etc/default/passwd`	`password/aging_defaults/max_weeks`
`MINALPHA`	`/etc/default/passwd`	`password/complexity/min_alpha`
`MINDAYS`	`/etc/default/passwd`	`password/aging_defaults/min_days`
`MINDIFF`	`/etc/default/passwd`	`password/complexity/min_diff`
`MINDIGIT`	`/etc/default/passwd`	`password/complexity/min_digit`
`MINLOWER`	`/etc/default/passwd`	`password/complexity/min_lower`
`MINNONALPHA`	`/etc/default/passwd`	`password/complexity/min_nonalpha`
`MINSPECIAL`	`/etc/default/passwd`	`password/complexity/min_special`
`MINUPPER`	`/etc/default/passwd`	`password/complexity/min_upper`
`MINWEEKS`	`/etc/default/passwd`	`password/aging_defaults/min_weeks`
`NAMECHECK`	`/etc/default/passwd`	`password/complexity/namecheck`
`PASSLENGTH`	`/etc/default/passwd`	`password/complexity/passlength`
`WARNDAYS`	`/etc/default/passwd`	`password/aging_defaults/warn_days`
`WARNWEEKS`	`/etc/default/passwd`	`password/aging_defaults/warn_weeks`
`WHITESPACE`	`/etc/default/passwd`	`password/complexity/whitespace`

The SMF properties in Figure 8, Table 8, User Account Security Attributes in Files and SMF can be modified when the config/etc_security_policyconf stencil in the account-policy service is enabled.

Table 8 User Account Security Attributes in Files and SMF

Variable Name	Legacy File	SMF Property
`AUTH_PROFS_GRANTED`	`/etc/security/policy.conf`	`rbac/default_auth_profiles`
`AUTHS_GRANTED`	`/etc/security/policy.conf`	`rbac/default_authorizations`
`CONSOLE_USER`	`/etc/security/policy.conf`	`rbac/console_user_profiles`
`PRIV_DEFAULT`	`/etc/security/policy.conf`	`rbac/default_privileges`
`PRIV_LIMIT`	`/etc/security/policy.conf`	`rbac/default_limit_privileges`
`PROFS_GRANTED`	`/etc/security/policy.conf`	`rbac/default_profiles`

The SMF properties in Figure 9, Table 9, User Environment Security Attributes in Files and SMF can be modified when the config/etc_default_login stencil in the account-policy service is enabled.

Table 9 User Environment Security Attributes in Files and SMF

Variable Name	Legacy File	SMF Property
`ALTSHELL`	`/etc/default/login`	`login/environment/set_shell`
`HZ`	`/etc/default/login`	`login/environment/hz`
`PATH`	`/etc/default/login`	`login/environment/path`
`SUPATH`	`/etc/default/login`	`login/environment/root_path`
`TIMEZONE`	`/etc/default/login`	`login/environment/timezone`
`ULIMIT`	`/etc/default/login`	`login/environment/ulimit`
`UMASK`	`/etc/default/login`	`login/environment/umask`

The SMF properties in Figure 10, Table 10, Logging and su Security Attributes in Files and SMF can be modified when the config/etc_default_login and config/etc_default_su stencils in the account-policy service is enabled.

Table 10 Logging and su Security Attributes in Files and SMF

Variable Name	Legacy File	SMF Property
`SYSLOG`	`/etc/default/login`	`login/log/syslog`
`SYSLOG_FAILED_LOGINS`	`/etc/default/login`	`login/log/syslog_failed_attempts`
`CONSOLE`	`/etc/default/su`	`su/log/device`
`PATH`	`/etc/default/su`	`su/environment/path`
`SULOG`	`/etc/default/su`	`su/log/logfile`
`SUPATH`	`/etc/default/su`	`su/environment/path`
`SYSLOG`	`/etc/default/su`	`su/log/syslog`