Tru64 "enhanced" security

[prev] [thread] [next] [lurker] [Date index for 2004/01/27]

From: Matt McLeod
Subject: Tru64 "enhanced" security
Date: 00:56 on 27 Jan 2004
I am not at all sure what we gain by using this FPOS, but someone
at some point decided that we must use it (presumably because the
name implies some benefit to system security) so now we're stuck
with it.

It's particularly awful in that it gives no useful debugging information
when it is unhappy, even when using the "-v" switch to the various
related commands -- which is *supposed* to provide additional information,
but doesn't.

In theory, if one needs to rebuild the databases (e.g., if one of
the provided tools hoses them) you can run "convuser -a" to recreate
them.  However, more often than not you will get really useful error
messages like:

PUTPRPWNAM: root: Function not implemented

or:

PUTPRPWNAM: root: File exists

which, as you will notice, do not say *which* function is not
implemented.  Nor which file exists.  The latter is particularly
hateful as it pops up even when no possibly related file does
exist -- if it did, you wouldn't be trying to rebuild the
damned database.

As a final bonus, there seems to be bugger-all by way of useful
documentation.  Sure, prpasswd(4) looks like it might be helpful
until you really need it, but then it's pretty much useless.

Grr.

Matt

-- 
                     "Stuff existentialism, I'm goin' back to momma"
                                                             -- TISM

Generated at 14:02 on 01 Jul 2004 by mariachi 0.52