I've noticed that on some AIX servers there are these files:
These files are there on some servers, but not on others, so I was curious what their purpose was and what created them.
I started by googling the file names, and found a few references to them, but nothing that really explained why they are there or where they come from. So then I tried searching through all man pages with a command like this:
# find /usr/share/man | xargs grep opasswd 2>/dev/null
/usr/share/man/info/EN_US/a_doc_lib/cmds/aixcmds2/groups.htm:<a id="a39caeee105janb" name="a39caeee105janb"></a><strong>/etc/opasswd</strong></td>
The only man page referencing "opasswd" is for the "groups" command that says:
Previous version of the group file
Previous version of the password file.
Based on this, it sounded to be like the files were a automatically generated backup file of these files.. The server I was working on didn't have a "/etc/opasswd", or "/etc/ogroup" files, so I tried creating a user, changing a users password, and deleting a user. After all this, the "/etc/opasswd" and "/etc/ogroup" files still didn't exist as I had expected them to....
Next, I decided to look through all the executables on the server and see which of them contained a reference to "/etc/opasswd":
# for dir in `echo $PATH | tr ":" " "`; do for file in `ls -1 $dir 2>/dev/null`; do [ -x $dir/$file ] && [ -f $dir/$file ] && strings $dir/$file | grep -q -i '/etc/opasswd' && echo "$file"; done; done
The only two executables found on the server with references to /etc/opasswd where "pwdck" and "usrck". I also ran "strings" on the libraries under /usr/lib but couldn't find any references to opasswd in them.
So I did some more experimenting and found that the "pwdck" and "usrck" commands do in fact make backup copies of files to /etc/opasswd, /etc/ogroup, /etc/security/opasswd, and /etc/security/ouser. These backup files could be used to help recover the system if pwdck or usrck messed something up on the system.. Mystery solved :)