Using the tcbck command

Edit online

The tcbck command is used to ensure the proper installation of security-relevant file; to ensure the file system tree contains no files that clearly violate system security; and to update, add, or delete trusted files.

The tcbck command is normally used for the following tasks:

  • Ensure the proper installation of security-relevant files
  • Ensure that the file system tree contains no files that clearly violate system security
  • Update, add, or delete trusted files

The tcbck command can be used in the following ways:

  • Normal use
    • Noninteractive at system initialization
    • With the cron command
  • Interactive use
    • Check out individual files and classes of files
  • Paranoid use
    • Store the sysck.cfg file offline and restore it periodically to check out the machine

Although not cryptographically secure, the TCB uses the sum command for checksums. The TCB database can be set up manually with a different checksum command, for example, the md5sum command that is shipped in the textutils RPM Package Manager package with AIX Toolbox for Linux Applications CD.