D (System Administration Guide: Security Services)

System Administration Guide: Security Services


D

	`-D` option
		`auditreduce` command ( )
		`ppriv` command ( )

	`d_passwd` file
		creating ( )
		description ( )
		disabling dial-up logins temporarily ( )

	daemons
		`auditd` ( )
		`kcfd` ( )
		`keyserv` ( )
		`nscd` (name service cache daemon) ( ) ( )
		`rpc.nispasswd` ( )
		running with privileges ( )
		`ssh-agent` ( )
		`sshd` ( )
		table of Kerberos ( )
		`vold` ( )

	Data Encryption Standard, See DES encryption

	data forwarding, Solaris Secure Shell ( )

	databases
		`audit_user` ( )
		`auth_attr` ( )
		backing up and propagating KDC ( )
		creating KDC ( )
		`cred` for Secure RPC ( ) ( )
		`exec_attr` ( )
		KDC propagation ( )
		NFS secret keys ( )
		`prof_attr` ( )
		`publickey` for Secure RPC ( )
		RBAC ( )
		`user_attr` ( )
		with privilege information ( )

	`dd` command, generating secret keys ( )

	`deallocate` command
		allocate error state ( ) ( )
		authorizations for ( )
		authorizations required ( )
		description ( )
		device-clean scripts and ( )
		using ( )

	deallocating
		devices ( )
		forcibly ( )
		microphone ( )

	debugging, privileges ( )

	debugging sequence number ( )

	`decrypt` command
		description ( )
		syntax ( )

	decrypting
		conversation keys for Secure RPC ( )
		files ( )
		NFS secret keys ( )
		secret keys ( )

	`default/login` file, description ( )

	`default_realm` section
		`krb5.conf` file ( ) ( )

	`defaultpriv` keyword, `user_attr` database ( )

	defaults
		ACL entries for directories ( ) ( )
		`praudit` output format ( ) ( )
		privilege settings in `policy.conf` file ( )
		system-wide auditing ( )
		system-wide in `policy.conf` file ( )
		`umask` value ( )

	delegating, RBAC authorizations ( )

	`delete_entry` command, `ktutil` command ( )

	deleting
		ACL entries ( ) ( )
		archived audit files ( )
		audit files ( )
		host's service ( )
		`not_terminated` audit files ( )
		policies (Kerberos) ( )
		principal (Kerberos) ( )
		rights profiles ( )

	`DenyGroups` keyword, `sshd_config` file ( )

	`DenyUsers` keyword, `sshd_config` file ( )

	DES encryption
		kernel provider ( )
		Secure NFS ( )

	destroying, tickets with `kdestroy` ( )

	determining
		`audit_control` flags are correct ( )
		audit ID of a user ( )
		`audit_user` flags are correct ( )
		auditing is running ( )
		`c2audit` module is loaded ( )
		files with `setuid` permissions ( )
		if file has ACL ( )
		privileges on a process ( )
		privileges task map ( )

	`/dev/arp` device, getting IP MIB-II information ( )

	`/dev/urandom` device ( )

	`devfsadm` command, description ( )

	`device_allocate` file
		description ( )
		format ( )
		sample ( ) ( )

	device allocation
		adding devices ( )
		allocatable devices ( ) ( )
		`allocate` command ( )
		allocate error state ( )
		allocating devices ( )
		auditing ( )
		authorizations for commands ( )
		authorizing users to allocate ( )
		changing allocatable devices ( )
		commands ( )
		components of mechanism ( )
		configuration file ( )
		`deallocate` command ( )
			device-clean scripts and ( )
			using ( )
		deallocating devices ( )
		`device_allocate` file ( )
		device-clean scripts
			audio devices ( )
			CD-ROM drives ( )
			description ( )
			diskette drives ( )
			options ( )
			tape drives ( ) ( )
			writing new scripts ( )
		`device_maps` file ( )
		disabling ( )
		enabling ( ) ( )
		examples ( )
		forcibly allocating devices ( )
		forcibly deallocating devices ( )
		making device allocatable ( )
		managing devices ( )
		mounting devices ( )
		not requiring authorization ( )
		preventing ( )
		requiring authorization ( )
		task map ( )
		troubleshooting ( ) ( )
		troubleshooting permissions ( )
		unmounting allocated device ( )
		user procedures ( )
		using ( )
		using `allocate` command ( )
		viewing information ( )

	device-clean scripts
		and object reuse ( )
		audio devices ( )
		CD-ROM drives ( )
		description ( )
		diskette drives ( )
		options ( )
		tape drives ( ) ( ) ( )
		writing new scripts ( )

	device management, See device policy

	`device_maps` file
		description ( )
		format ( )
		sample entries ( )

	device policy
		`add_drv` command ( )
		auditing changes ( )
		changing ( )
		commands ( )
		configuring ( )
		kernel protection ( )
		managing devices ( )
		overview ( ) ( )
		removing from device ( )
		task map ( )
		`update_drv` command ( ) ( )
		viewing ( )

	Device Security (RBAC), creating role ( )

	devices
		adding device policy ( )
		allocating for use ( )
		auditing allocation of ( )
		auditing policy changes ( )
		authorizing users to allocate ( )
		changing device policy ( )
		changing which are allocatable ( )
		deallocating a device ( )
		`/dev/urandom` device ( )
		device allocation
			See device allocation
		forcibly allocating ( )
		forcibly deallocating ( )
		getting IP MIB-II information ( )
		listing ( )
		listing device names ( )
		login access control ( )
		making allocatable ( )
		managing ( )
		managing allocation of ( )
		mounting allocated devices ( )
		not requiring authorization for use ( )
		policy commands ( )
		preventing use of all ( )
		preventing use of some ( )
		privilege model and ( )
		protecting by device allocation ( )
		protecting in the kernel ( )
		removing policy ( )
		security ( )
		superuser model and ( )
		unmounting allocated device ( )
		viewing allocation information ( )
		viewing device policy ( )
		zones and ( )

	`dfstab` file, sharing files ( )

	DH authentication
		configuring in NIS ( )
		configuring in NIS+ ( )
		description ( )
		for NIS+ client ( )
		for NIS client ( )
		mounting files with ( )
		sharing files with ( )

	DHCP Management (RBAC), creating role ( )

	dial-up passwords
		creating ( )
		disabling ( )
		disabling temporarily ( )
		`/etc/d_passwd` file ( )
		security ( )

	`dialups` file, creating ( )

	Diffie-Hellman authentication, See DH authentication

	`digest` command
		description ( )
		example ( )
		syntax ( )

	`digestmd5.so.1` plug-in, SASL and ( )

	digests
		computing for file ( )
		of files ( ) ( )

	`dir` line, `audit_control` file ( )

	direct realms ( )

	directories
		See also files
		ACL entries ( ) ( )
		`audit_control` file definitions ( )
		audit directories full ( ) ( )
		`auditd` daemon pointer ( ) ( )
		displaying files and related information ( ) ( )
		mounting audit directories ( )
		permissions
			defaults ( )
			description ( )
		public directories ( )

	disabling
		abort sequence ( )
		audit policy ( )
		audit service ( )
		cryptographic mechanisms ( )
		device allocation ( )
		dial-up logins temporarily ( )
		dial-up passwords ( )
		executable stacks ( )
		executables that compromise security ( )
		hardware mechanisms ( )
		keyboard abort ( )
		keyboard shutdown ( )
		logging of executable stack messages ( )
		logins temporarily ( )
		programs from using executable stacks ( )
		remote `root` access ( )
		service on a host (Kerberos) ( )
		system abort sequence ( )
		user logins ( )

	disk partitioning, for binary audit files ( )

	disk-space requirements ( )

	diskette drives
		allocating ( )
		device-clean scripts ( )

	displaying
		ACL entries ( ) ( ) ( )
		allocatable devices ( )
		audit policies ( )
		audit queue parameter values ( )
		audit record formats ( )
		audit records ( )
		audit records in XML format ( )
		device policy ( )
		file information ( )
		files and related information ( )
		format of audit records ( )
		providers in the cryptographic framework ( )
		roles you can assume ( ) ( )
		`root` access attempts ( )
		selected audit records ( )
		`su` command attempts ( )
		sublist of principals (Kerberos) ( )
		user's login status ( ) ( )
		users with no passwords ( )

	`dminfo` command ( )

	DNS, Kerberos and ( )

	`domain_realm` section
		`krb5.conf` file ( ) ( ) ( )

	dot (`.`)
		authorization name separator ( )
		displaying hidden files ( )

	double dollar sign ($$), parent shell process number ( )

	`DSAAuthentication` keyword, See `PubkeyAuthentication` keyword

	DTD for `praudit` command ( )

	duplicating, principals (Kerberos) ( )

	`DynamicForward` keyword, `ssh_config` file ( )