To use the Accounting system, file ownership and permissions must
be correct.
You must have root user or adm group authority to perform this procedure.
The adm administrative account owns the accounting command
and scripts, except for /var/adm/acct/accton which is
owned by root.
To fix incorrect Accounting file permissions, perform
the following procedure:
- To check file permissions using the ls command,
type:
ls -l /var/adm/acct
-rws--x--- 1 adm adm 14628 Mar 19 08:11 /var/adm/acct/fiscal
-rws--x--- 1 adm adm 14628 Mar 19 08:11 /var/adm/acct/nite
-rws--x--- 1 adm adm 14628 Mar 19 08:11 /var/adm/acct/sum
- Adjust file permissions with the chown command,
if necessary.
The permissions are 755 (all permissions
for owner and read and execute permissions for all others). Also, the directory
itself should be write-protected from others.
For example:
- Move to the /var/adm/acct directory by typing:
cd /var/adm/acct
- Change the ownership for the sum, nite,
and fiscal directories to adm group authority
by typing:
chown adm sum/* nite/* fiscal/*
To prevent
tampering by users trying to avoid charges, deny write permission for others
on these files. Change the accton command group owner to adm,
and permissions to 710, that is, no permissions for others.
Processes owned by adm can execute the accton command,
but ordinary users cannot.
- The /var/adm/wtmp file must also be owned
by adm. If /var/adm/wtmp is owned by root, you
will see the following message during startup:
/var/adm/acct/startup: /var/adm/wtmp: Permission denied
To
correct the ownership of
/var/adm/wtmp, change ownership
to the
adm group by typing the following command:
chown adm /var/adm/wtmp