#	@(#) files 25.1 92/07/09 
#
#	Copyright (C) 1989-1992 The Santa Cruz Operation, Inc.
#	and SecureWare, Inc.	All Rights Reserved.
#	The information in this file is provided for the exclusive use of
#	the licensees of The Santa Cruz Operation, Inc.  Such users have the
#	right to use, modify, and incorporate this code into other products
#	for purposes authorized by the license agreement provided they include
#	this notice and the associated copyright notice with any such product.
#	The information in this file is provided "AS IS" without warranty.
#
# /etc/auth/system/files	-- File Control database
#
/:f_owner=root:f_group=bin:f_mode#0755:f_type=d:chkent:
/shlib:f_owner=bin:f_group=bin:f_mode#0755:f_type=d:chkent:
/shlib/*:f_owner=bin:f_group=bin:f_mode#0755:f_type=r:chkent:
/tmp:f_owner=sys:f_group=sys:f_mode#01777:f_type=d:chkent:
/bin:f_owner=bin:f_group=bin:f_mode#0755:f_type=d:chkent:
/bin/auths:f_owner=bin:f_group=bin:f_mode#0111:f_type=r:chkent:
/bin/df:f_owner=bin:f_group=backup:f_mode#02111:f_type=r:chkent:
/bin/hello:f_owner=bin:f_group=terminal:f_mode#02111:f_type=r:\
        :chkent:
/bin/ipcs:f_owner=bin:f_group=mem:f_mode#02111:f_type=r:chkent:
/bin/login:f_owner=root:f_group=bin:f_mode#0100:f_type=r:chkent:
/bin/mesg:f_owner=bin:f_group=terminal:f_mode#02111:f_type=r:\
        :chkent:
/bin/newgrp:f_owner=root:f_group=bin:f_mode#04111:f_type=r:chkent:
/bin/passwd:f_owner=bin:f_group=auth:f_mode#02111:f_type=r:chkent:
/bin/ps:f_owner=bin:f_group=mem:f_mode#02111:f_type=r:chkent:
/bin/pwd:f_owner=bin:f_group=bin:f_mode#0111:f_type=r:chkent:
/bin/sg:f_owner=root:f_group=bin:f_mode#04111:f_type=r:chkent:
/bin/su:f_owner=root:f_group=auth:f_mode#06111:f_type=r:chkent:
/bin/sulogin:f_owner=bin:f_group=bin:f_mode#0100:f_type=r:chkent:
/bin/write:f_owner=bin:f_group=terminal:f_mode#02111:f_type=r:\
        :chkent:
/dev:f_owner=bin:f_group=bin:f_mode#0755:f_type=d:chkent:
/dev/auditr:f_owner=audit:f_group=audit:f_mode#0440:f_type=c:\
        :chkent:
/dev/auditw:f_owner=audit:f_group=audit:f_mode#0660:f_type=c:\
        :chkent:
/dev/dsk:f_owner=root:f_group=backup:f_mode#0755:f_type=d:chkent:
/dev/kmem:f_owner=root:f_group=mem:f_mode#0440:f_type=c:chkent:
/dev/mem:f_owner=root:f_group=mem:f_mode#0440:f_type=c:chkent:
/dev/rdsk:f_owner=root:f_group=backup:f_mode#0755:f_type=d:chkent:
/dev/root:f_owner=root:f_group=backup:f_mode#0440:f_type=b:chkent:
/dev/swap:f_owner=root:f_group=mem:f_mode#0440:f_type=b:chkent:
/etc:f_owner=bin:f_group=auth:f_mode#0775:f_type=d:chkent:
/etc/authckrc:f_owner=bin:f_group=auth:f_mode#0500:f_type=r:chkent:
/etc/auth:f_owner=auth:f_group=auth:f_mode#0771:f_type=d:chkent:
/etc/auth/dlvr_audit:f_owner=audit:f_group=audit:f_mode#06111:\
        :f_type=r:chkent:
#
#  The files for each protected subsystem have no explicit owner,
#  and are world-readable, so that "auth"-authorized administrators
#  can update them.  This is acceptable because such administrators
#  have control over subsystem membership and so could not gain any
#  additional power(s), albeit it does mean that any user can deduce
#  who administrates what.  There are additional risks (such as job
#  changes -- the administrator today may not be an administrator
#  tomorrow).
#
#  Note that each protected subsystem must also have a ticket file
#  in /tcb/files/subsys.
#
/etc/auth/subsystems:f_owner=auth:f_group=auth:f_mode#0771:\
        :f_type=d:chkent:
/etc/auth/subsystems/audit:f_group=audit:f_mode#0644:f_type=r:\
        :chkent:
/etc/auth/subsystems/audit-t:f_group=audit:f_mode#0644:f_type=r:\
        :chkent:
/etc/auth/subsystems/auth:f_group=auth:f_mode#0644:f_type=r:\
        :chkent:
/etc/auth/subsystems/auth-t:f_group=auth:f_mode#0644:f_type=r:\
        :chkent:
/etc/auth/subsystems/backup:f_group=backup:f_mode#0644:f_type=r:\
        :chkent:
/etc/auth/subsystems/backup-t:f_group=backup:f_mode#0644:\
        :f_type=r:chkent:
/etc/auth/subsystems/cron:f_group=cron:f_mode#0644:f_type=r:\
        :chkent:
/etc/auth/subsystems/cron-t:f_group=cron:f_mode#0644:f_type=r:\
        :chkent:
/etc/auth/subsystems/dflt_users:f_group=auth:f_mode#0644:\
        :f_type=r:chkent:
/etc/auth/subsystems/dflt_users-t:f_group=auth:f_mode#0644:\
        :f_type=r:chkent:
/etc/auth/subsystems/lp:f_group=lp:f_mode#0644:f_type=r:chkent:
/etc/auth/subsystems/lp-t:f_group=lp:f_mode#0644:f_type=r:chkent:
/etc/auth/subsystems/mem:f_group=mem:f_mode#0644:f_type=r:chkent:
/etc/auth/subsystems/mem-t:f_group=mem:f_mode#0644:f_type=r:\
        :chkent:
/etc/auth/subsystems/sysadmin:f_group=sysadmin:f_mode#0644:\
        :f_type=r:chkent:
/etc/auth/subsystems/sysadmin-t:f_group=sysadmin:f_mode#0644:\
        :f_type=r:chkent:
/etc/auth/subsystems/terminal:f_group=terminal:f_mode#0644:\
        :f_type=r:chkent:
/etc/auth/subsystems/terminal-t:f_group=terminal:f_mode#0644:\
        :f_type=r:chkent:
/etc/auth/subsystems/uucp:f_group=uucp:f_mode#0644:f_type=r:\
        :chkent:
/etc/auth/subsystems/uucp-t:f_group=uucp:f_mode#0644:f_type=r:\
        :chkent:
/etc/auth/subsystems/root:f_group=root:f_mode#0644:f_type=r:\
        :chkent:
/etc/auth/subsystems/root-t:f_group=root:f_mode#0644:f_type=r:\
        :chkent:
/etc/auth/system:f_owner=auth:f_group=auth:f_mode#0771:f_type=d:\
        :chkent:
/etc/auth/system/files:f_owner=root:f_group=sysadmin:f_mode#0664:\
        :f_type=r:chkent:
/etc/auth/system/*:f_owner=auth:f_group=auth:f_mode#0664:f_type=r:\
        :chkent:
/etc/bcheckrc:f_owner=root:f_group=sys:f_mode#0744:f_type=r:chkent:
/etc/brc:f_owner=root:f_group=sys:f_mode#0744:f_type=r:chkent:
/etc/conf:f_owner=root:f_group=sys:f_mode#0755:f_type=d:chkent:
/etc/conf/*:f_owner=root:f_group=sys:f_mode#0755:f_type=d:chkent:
/etc/conf/cf.d/init.base:f_owner=root:f_group=audit:f_mode#0644:\
        :f_type=r:chkent:
/etc/cron:f_owner=bin:f_group=bin:f_mode#0100:f_type=r:chkent:
/etc/default:f_owner=root:f_group=auth:f_mode#0775:f_type=d:chkent:
/etc/default/su:f_owner=root:f_group=bin:f_mode#0600:f_type=r:\
        :chkent:
/etc/default/login:f_owner=bin:f_group=auth:f_mode#0664:f_type=r:\
        :chkent:
/etc/default/login-t:f_owner=bin:f_group=auth:f_mode#0664:f_type=r:\
        :chkent:
/etc/default/passwd:f_owner=bin:f_group=auth:f_mode#0664:f_type=r:\
        :chkent:
/etc/default/passwd-t:f_owner=bin:f_group=auth:f_mode#0664:\
        :f_type=r:chkent:
/etc/default/*:f_owner=bin:f_group=bin:f_mode#0644:f_type=r:chkent:
/etc/devnm:f_owner=bin:f_group=backup:f_mode#02111:f_type=r:chkent:
/etc/d_passwd:f_owner=root:f_group=auth:f_mode#0660:f_type=r:\
        :chkent:
/etc/d_passwd-t:f_owner=root:f_group=auth:f_mode#0660:f_type=r:\
        :chkent:
/etc/fixmog:f_owner=root:f_group=bin:f_mode#0100:f_type=r:chkent:
/etc/fscmd.d:f_owner=bin:f_group=bin:f_mode#0755:f_type=d:chkent:
/etc/fscmd.d/*:f_owner=bin:f_group=bin:f_mode#0755:f_type=d:chkent:
/etc/getty:f_owner=bin:f_group=bin:f_mode#0100:f_type=r:chkent:
/etc/group:f_owner=bin:f_group=auth:f_mode#0664:f_type=r:chkent:
/etc/group-t:f_owner=bin:f_group=auth:f_mode#0664:f_type=r:chkent:
/etc/idrc.d:f_owner=root:f_group=sys:f_mode#0755:f_type=d:chkent:
/etc/init:f_owner=bin:f_group=bin:f_mode#0100:f_type=r:chkent:
/etc/init.d:f_owner=root:f_group=sys:f_mode#0755:f_type=d:chkent:
/etc/inittab:f_owner=root:f_group=audit:f_mode#0664:f_type=r:\
        :chkent:
/etc/passwd:f_owner=bin:f_group=auth:f_mode#0664:f_type=r:chkent:
/etc/passwd-t:f_owner=bin:f_group=auth:f_mode#0664:f_type=r:chkent:
/etc/pwconv:f_owner=bin:f_group=auth:f_mode#02111:f_type=r:chkent:
/etc/pwunconv:f_owner=bin:f_group=auth:f_mode#02111:f_type=r:\
        :chkent:
/etc/shadow:f_owner=root:f_group=auth:f_mode#0660:f_type=r:chkent:
/etc/shadow-t:f_owner=root:f_group=auth:f_mode#0660:f_type=r:\
        :chkent:
/etc/perms:f_owner=bin:f_group=bin:f_mode#0755:f_type=d:chkent:
/etc/perms/bundle:f_owner=bin:f_group=bin:f_mode#0755:f_type=d:\
        :chkent:
/etc/perms/*:f_owner=bin:f_group=bin:f_mode#0644:f_type=r:chkent:
/etc/perms/bundle/*:f_owner=bin:f_group=bin:f_mode#0644:f_type=r:\
        :chkent:
#
#  The ps(C) data files have no explicit owner so that may be
#  regenerated by any user (and not just those with the "chown"
#  kernel authorization).  This is acceptable because only the
#  protected subsystem group "mem" has access to the directory.
#
/etc/ps:f_owner=bin:f_group=mem:f_mode#0770:f_type=d:chkent:
/etc/ps/*:f_group=mem:f_mode#0660:f_type=r:chkent:
/etc/rc.d:f_owner=root:f_group=sys:f_mode#0775:f_type=d:chkent:
/etc/rc?.d:f_owner=root:f_group=bin:f_mode#0700:f_type=d:chkent:
#
#  /etc/shutdown.d is obsolete and should not be used (see /etc/rc0).
#
/etc/shutdown.d:f_owner=root:f_group=sys:f_mode#0775:f_type=d:\
        :chkent:
/etc/smmck:f_owner=bin:f_group=bin:f_mode#0711:f_type=r:chkent:
/etc/tcbck:f_owner=bin:f_group=bin:f_mode#0711:f_type=r:chkent:
/etc/utmp:f_owner=bin:f_group=bin:f_mode#0664:f_type=r:chkent:
/etc/whodo:f_owner=bin:f_group=mem:f_mode#02111:f_type=r:chkent:
/tcb:f_owner=bin:f_group=bin:f_mode#0111:f_type=d:chkent:
/tcb/audittmp:f_owner=audit:f_group=audit:f_mode#0770:f_type=d:\
        :chkent:
/tcb/audittmp/audit1:f_owner=audit:f_group=audit:f_mode#0770:\
        :f_type=d:chkent:
/tcb/audittmp/audit2:f_owner=audit:f_group=audit:f_mode#0770:\
        :f_type=d:chkent:
/tcb/bin:f_owner=bin:f_group=bin:f_mode#0111:f_type=d:chkent:
/tcb/bin/addxusers:f_owner=bin:f_group=auth:f_mode#02111:f_type=r:\
        :chkent:
/tcb/bin/ap:f_owner=bin:f_group=auth:f_mode#02111:f_type=r:chkent:
/tcb/bin/auditcmd:f_owner=audit:f_group=audit:f_mode#0110:f_type=r:\
        :chkent:
/tcb/bin/auditd:f_owner=audit:f_group=audit:f_mode#0110:f_type=r:\
        :chkent:
/tcb/bin/authck:f_owner=bin:f_group=auth:f_mode#02111:f_type=r:\
        :chkent:
/tcb/bin/integrity:f_owner=root:f_group=sysadmin:f_mode#02110:\
        :f_type=r:chkent:
/tcb/bin/reduce:f_owner=audit:f_group=audit:f_mode#02110:f_type=r:\
        :chkent:
/tcb/bin/ttys_update:f_owner=auth:f_group=auth:f_mode#0555:\
        :f_type=r:chkent:
/tcb/bin/ale:f_owner=root:f_group=auth:f_mode#06111:f_type=r:\
        :chkent:
/tcb/bin/cps:f_owner=root:f_group=bin:f_mode#0100:f_type=r:chkent:
/tcb/bin/passwdupd:f_owner=root:f_group=bin:f_mode#0100:f_type=r:\
        :chkent:
/tcb/bin/ttyupd:f_owner=auth:f_group=auth:f_mode#0555:f_type=r:\
        :chkent:
/tcb/bin/rmuser:f_owner=auth:f_group=auth:f_mode#0555:f_type=r:\
        :chkent:
/tcb/bin/unretire:f_owner=auth:f_group=auth:f_mode#0555:f_type=r:\
        :chkent:
/tcb/bin/asroot:f_owner=root:f_group=root:f_mode#06111:f_type=r:\
        :chkent:
/tcb/files:f_owner=root:f_group=bin:f_mode#0711:f_type=d:chkent:
/tcb/files/audit:f_owner=audit:f_group=audit:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/audit/audit_dmninfo:f_owner=audit:f_group=audit:\
        :f_mode#0660:f_type=r:chkent:
/tcb/files/audit/audit_parms:f_owner=audit:f_group=audit:\
        :f_mode#0660:f_type=r:chkent:
/tcb/files/audit/audit_recovery:f_owner=audit:f_group=audit:\
        :f_mode#0660:f_type=r:chkent:
/tcb/files/audit/audit_select:f_owner=audit:f_group=audit:\
        :f_mode#0660:f_type=r:chkent:
/tcb/files/auditrparms:f_owner=audit:f_group=audit:f_mode#0770:\
        :f_type=d:chkent:
/tcb/files/no_luid:f_owner=bin:f_group=bin:f_mode#0711:f_type=d:\
        :chkent:
/tcb/files/no_luid/FIFO:f_owner=bin:f_group=bin:f_mode#0660:\
        :f_type=f:chkent:
/tcb/files/no_luid/cmdtable:f_owner=bin:f_group=bin:f_mode#0640:\
        :f_type=r:chkent:
/tcb/files/no_luid/sdd:f_owner=bin:f_group=bin:f_mode#0100:\
        :f_type=r:chkent:
/tcb/files/rootcmds:f_owner=root:f_group=root:f_mode#0700:f_type=d:\
        :chkent:
/tcb/files/rootcmds/shutdown:f_owner=root:f_group=sys:f_mode#0500:\
        :f_type=r:chkent:
/tcb/files/rootcmds/*:f_mode#0555:f_type=r:chkent:
#
#  The files which comprise the Protected Password database do not
#  have an explicit owner so that users lacking the "chown" kernel
#  authorization may change their own password.  This is acceptable
#  because access to the containing directories is very restricted.
#
/tcb/files/auth:f_owner=bin:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/a:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/b:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/c:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/d:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/e:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/f:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/g:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/h:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/i:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/j:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/k:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/l:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/m:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/n:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/o:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/p:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/q:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/r:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/s:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/t:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/u:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/v:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/w:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/x:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/y:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/z:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/?:f_owner=auth:f_group=auth:f_mode#0770:f_type=d:\
        :chkent:
/tcb/files/auth/a/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/b/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/c/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/d/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/e/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/f/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/g/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/h/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/i/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/j/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/k/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/l/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/m/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/n/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/o/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/p/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/q/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/r/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/s/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/t/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/u/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/v/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/w/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/x/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/y/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/z/*:f_group=auth:f_mode#0660:f_type=r:chkent:
/tcb/files/auth/?/*:f_group=auth:f_mode#0660:f_type=r:chkent:
#
#  The subsystem ticket files must be readable only by the appropriate
#  subsystem group.  Hence, their owner is the superuser, who a priori
#  has read access.
#
/tcb/files/subsys:f_owner=root:f_group=root:f_mode#0111:f_type=d:\
        :chkent:
/tcb/files/subsys/audit:f_owner=root:f_group=audit:f_mode#0440:\
        :f_type=r:chkent:
/tcb/files/subsys/auth:f_owner=root:f_group=auth:f_mode#0440:\
        :f_type=r:chkent:
/tcb/files/subsys/backup:f_owner=root:f_group=backup:f_mode#0440:\
        :f_type=r:chkent:
/tcb/files/subsys/cron:f_owner=root:f_group=cron:f_mode#0440:\
        :f_type=r:chkent:
/tcb/files/subsys/lp:f_owner=root:f_group=lp:f_mode#0440:f_type=r:\
        :chkent:
/tcb/files/subsys/mem:f_owner=root:f_group=mem:f_mode#0440:\
        :f_type=r:chkent:
/tcb/files/subsys/sysadmin:f_owner=root:f_group=sysadmin:\
        :f_mode#0440:f_type=r:chkent:
/tcb/files/subsys/terminal:f_owner=root:f_group=terminal:\
        :f_mode#0440:f_type=r:chkent:
/tcb/files/subsys/uucp:f_owner=root:f_group=uucp:f_mode#0440:\
        :f_type=r:chkent:
/tcb/files/subsys/root:f_owner=root:f_group=root:f_mode#0440:\
        :f_type=r:chkent:
/tcb/lib:f_owner=bin:f_group=bin:f_mode#0111:f_type=d:chkent:
/tcb/lib/chg_audit:f_owner=root:f_group=audit:f_mode#06110:\
        :f_type=r:chkent:
/tcb/lib/execbprg:f_owner=root:f_group=backup:f_mode#04110:\
        :f_type=r:chkent:
/tcb/lib/initcond:f_owner=bin:f_group=bin:f_mode#0100:f_type=r:\
        :chkent:
/tcb/lib/report.expire:f_owner=bin:f_group=auth:f_mode#0110:\
        :f_type=r:chkent:
/tcb/lib/report.login:f_owner=bin:f_group=auth:f_mode#0110:\
        :f_type=r:chkent:
/tcb/lib/report.term:f_owner=bin:f_group=auth:f_mode#0110:f_type=r:\
        :chkent:
/tcb/lib/relax:f_owner=root:f_group=bin:f_mode#0700:f_type=d:\
        :chkent:
/tcb/lib/relax/*:f_owner=root:f_group=bin:f_mode#0700:f_type=d:\
        :chkent:
/tcb/lib/relax/*/*:f_owner=root:f_group=bin:f_mode#0400:f_type=r:\
        :chkent:
/tcb/lib/useshell:f_owner=root:f_group=auth:f_mode#04110:f_type=r:\
        :chkent:
/tcb/lib/zeroexit:f_owner=bin:f_group=bin:f_mode#0555:f_type=r:\
        :chkent:
/tcb/lib/auth_scripts:f_owner=auth:f_group=auth:f_mode#0710:\
        :f_type=d:chkent:
/tcb/lib/auth_scripts/*:f_owner=auth:f_group=auth:f_mode#0440:\
        :f_type=r:chkent:
/unix:f_owner=bin:f_group=mem:f_mode#0440:f_type=r:chkent:
/usr:f_owner=root:f_group=auth:f_mode#0775:f_type=d:chkent:
/usr/adm:f_owner=adm:f_group=bin:f_mode#0755:f_type=d:chkent:
/usr/adm/sulog:f_owner=root:f_group=auth:f_mode#0640:f_type=r:\
        :chkent:
/usr/bin:f_owner=bin:f_group=bin:f_mode#0775:f_type=d:chkent:
/usr/bin/accept:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/bin/at:f_owner=bin:f_group=cron:f_mode#02111:f_type=r:chkent:
/usr/bin/cancel:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/bin/crontab:f_owner=bin:f_group=cron:f_mode#02111:f_type=r:\
        :chkent:
/usr/bin/disable:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/bin/enable:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/bin/lp:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:chkent:
/usr/bin/lpstat:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/bin/mscreen:f_owner=root:f_group=bin:f_mode#04711:f_type=r:\
        :chkent:
/usr/bin/prwarn:f_owner=bin:f_group=auth:f_mode#02111:f_type=r:\
        :chkent:
/usr/bin/reject:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/bin/sd:f_owner=bin:f_group=bin:f_mode#02111:f_type=r:chkent:
/usr/bin/w:f_owner=bin:f_group=mem:f_mode#02111:f_type=r:chkent:
/usr/bin/goodpw:f_owner=bin:f_group=bin:f_mode#0711:f_type=r:\
        :chkent:
/usr/lib:f_owner=bin:f_group=bin:f_mode#0755:f_type=d:chkent:
#
#  The at(C) and cron(C) allow and deny files have no explicit owner
#  so that "cron"-authorized administrators lacking the "chown" kernel
#  authorization can update them.  This is acceptable as the at & cron
#  administrator is already authorized to change the contents.
#
#  The at(C) and batch(C) prototype files are explicitly owned and
#  writable only by the superuser ("root"), as they can otherwise
#  be used to circumvent system security.
#
/usr/lib/cron:f_owner=root:f_group=cron:f_mode#0775:f_type=d:\
        :chkent:
/usr/lib/cron/.proto:f_owner=root:f_group=cron:f_mode#0640:\
        :f_type=r:chkent:
/usr/lib/cron/.proto.b:f_owner=root:f_group=cron:f_mode#0640:\
        :f_type=r:chkent:
/usr/lib/cron/FIFO:f_owner=cron:f_group=cron:f_mode#0060:f_type=f:\
        :chkent:
/usr/lib/cron/at.allow:f_group=cron:f_mode#0660:f_type=r:chkent:
/usr/lib/cron/at.deny:f_group=cron:f_mode#0660:f_type=r:chkent:
/usr/lib/cron/cron.allow:f_group=cron:f_mode#0660:f_type=r:\
        :chkent:
/usr/lib/cron/cron.deny:f_group=cron:f_mode#0660:f_type=r:chkent:
/usr/lib/cron/log:f_owner=bin:f_group=cron:f_mode#0660:f_type=r:\
        :chkent:
/usr/lib/cron/queuedefs:f_owner=cron:f_group=sys:f_mode#0644:\
        :f_type=r:chkent:
#
/usr/lib/goodpw:f_owner=bin:f_group=auth:f_mode#0775:f_type=d:\
        :chkent:
/usr/lib/goodpw/checks:f_owner=bin:f_group=auth:f_mode#0755:\
        :f_type=d:chkent:
/usr/lib/goodpw/checks/*/*:f_owner=bin:f_group=auth:f_mode#0444:\
        :f_type=r:chkent:
/usr/lib/goodpw/checks/*:f_owner=bin:f_group=auth:f_mode#0755:\
        :f_type=d:chkent:
/usr/lib/goodpw/*:f_owner=bin:f_group=auth:f_mode#0664:f_type=r:\
        :chkent:
#
/usr/lib/455_filter:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/473_filter:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/475_filter:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/5310:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:chkent:
/usr/lib/ATT_s_filter:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/HP_filter:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/accept:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/dumpolp:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/hp2631a:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/lpadmin:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/lpmove:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/lponlcr:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/lpshut:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/reject:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/lpsched:f_owner=root:f_group=lp:f_mode#02110:f_type=r:\
        :chkent:
/usr/lib/lpfilter:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/lpforms:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/lpusers:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
/usr/lib/pprx:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:chkent:
/usr/lib/prx:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:chkent:
#
#  The various shell scripts in the /usr/lib/mkuser hierarchy are 
#  run by the superuser (root) on behalf of an Accounts Administrator.
#  Therefore, only the superuser or Accounts Administrator should be
#  able to modify the scripts. Similarly, the scripts installed into
#  a user's home directory will eventually be run by that user, and
#  so should be protected against Bombs and the like.
#
#  Other files (especially .../homepaths, .../lib/mail, and all
#  of the .../<shell>/mkuser.defs) contain data which an Accounts
#  Administrator may wish to modify.
#
/usr/lib/mkuser:f_owner=root:f_group=auth:f_mode#0750:f_type=d:\
        :chkent:
/usr/lib/mkuser/homepaths:f_owner=root:f_group=auth:f_mode#0660:\
        :f_type=r:chkent:
/usr/lib/mkuser/movehome:f_owner=root:f_group=auth:f_mode#0660:\
        :f_type=r:chkent:
/usr/lib/mkuser/unknown.init:f_owner=root:f_group=auth:f_mode#0660:\
        :f_type=r:chkent:
/usr/lib/mkuser/*:f_owner=root:f_group=auth:f_mode#0750:f_type=d:\
        :chkent:
/usr/lib/mkuser/*/*:f_owner=root:f_group=auth:f_mode#0660:f_type=r:\
        :chkent:
/usr/lib/sysadm:f_owner=bin:f_group=bin:f_mode#0755:f_type=d:\
        :chkent:
/usr/lib/sysadm/atcronsh:f_owner=bin:f_group=cron:f_mode#02111:\
        :f_type=r:chkent:
/usr/lib/sysadm/auditsh:f_owner=bin:f_group=audit:f_mode#02111:\
        :f_type=r:chkent:
/usr/lib/sysadm/authsh:f_owner=bin:f_group=auth:f_mode#02111:\
        :f_type=r:chkent:
/usr/lib/sysadm/backupsh:f_owner=root:f_group=backup:f_mode#02111:\
        :f_type=r:chkent:
/usr/lib/sysadm/lpsh:f_owner=bin:f_group=lp:f_mode#02111:f_type=r:\
        :chkent:
#
/usr/mmdf:f_owner=mmdf:f_group=mmdf:f_mode#0755:f_type=d:chkent:
/usr/mmdf/bin:f_owner=mmdf:f_group=mmdf:f_mode#0755:f_type=d:\
        :chkent:
/usr/mmdf/bin/cleanque:f_owner=root:f_group=mmdf:f_mode#04711:\
        :f_type=r:chkent:
/usr/mmdf/bin/deliver:f_owner=root:f_group=mmdf:f_mode#04711:\
        :f_type=r:chkent:
/usr/mmdf/chans:f_owner=mmdf:f_group=mmdf:f_mode#0700:f_type=d:\
        :chkent:
/usr/mmdf/chans/local:f_owner=root:f_group=mmdf:f_mode#04711:\
        :f_type=r:chkent:
/usr/mmdf/chans/smtpd:f_owner=root:f_group=mmdf:f_mode#06711:\
        :f_type=r:chkent:
#
/usr/spool:f_owner=root:f_group=bin:f_mode#0775:f_type=d:chkent:
/usr/spool/cron:f_owner=bin:f_group=cron:f_mode#0550:f_type=d:\
        :chkent:
/usr/spool/cron/atjobs:f_owner=bin:f_group=cron:f_mode#0770:\
        :f_type=d:chkent:
/usr/spool/cron/crontabs:f_owner=bin:f_group=cron:f_mode#0770:\
        :f_type=d:chkent:
/usr/spool/cron/crontabs/*:f_group=cron:f_mode#0660:f_type=r:\
        :chkent:
#
/usr/spool/lp:f_owner=bin:f_group=lp:f_mode#0771:f_type=d:chkent:
/usr/spool/lp/admins:f_owner=bin:f_group=lp:f_mode#0771:f_type=d:\
        :chkent:
/usr/spool/lp/admins/lp:f_owner=bin:f_group=lp:f_mode#0771:\
        :f_type=d:chkent:
/usr/spool/lp/admins/lp/filter.table:f_group=lp:f_mode#0664:\
        :f_type=r:chkent:
/usr/spool/lp/admins/lp/printers:f_owner=bin:f_group=lp:\
        :f_mode#0775:f_type=d:chkent:
/usr/spool/lp/admins/lp/interfaces:f_owner=bin:f_group=lp:\
        :f_mode#0770:f_type=d:chkent:
/usr/spool/lp/admins/lp/interfaces/*:f_owner=lp:f_group=lp:\
        :f_mode#0775:f_type=r:chkent:
/usr/spool/lp/admins/lp/*:f_owner=bin:f_group=lp:f_mode#0770:\
        :f_type=d:chkent:
/usr/spool/lp/admins/*:f_owner=bin:f_group=lp:f_mode#0770:f_type=d:\
        :chkent:
/usr/spool/lp/bin:f_owner=bin:f_group=lp:f_mode#0770:f_type=d:\
        :chkent:
/usr/spool/lp/bin/lpsched.jr:f_owner=bin:f_group=lp:f_mode#02110:\
        :f_type=r:chkent:
/usr/spool/lp/bin/rlpcmd:f_owner=root:f_group=lp:f_mode#04110:\
        :f_type=r:chkent:
/usr/spool/lp/default:f_owner=lp:f_group=lp:f_mode#0664:f_type=r:\
        :chkent:
/usr/spool/lp/fifos:f_owner=bin:f_group=lp:f_mode#0770:f_type=d:\
        :chkent:
/usr/spool/lp/forms.readme:f_owner=bin:f_group=lp:f_mode#0644:\
        :f_type=r:chkent:
/usr/spool/lp/logs:f_owner=bin:f_group=lp:f_mode#0770:f_type=d:\
        :chkent:
/usr/spool/lp/model:f_owner=bin:f_group=lp:f_mode#0770:f_type=d:\
        :chkent:
/usr/spool/lp/model/*:f_owner=bin:f_group=lp:f_mode#0550:f_type=r:\
        :chkent:
/usr/spool/lp/requests:f_owner=bin:f_group=lp:f_mode#0770:f_type=d:\
        :chkent:
/usr/spool/lp/system:f_owner=bin:f_group=lp:f_mode#0770:f_type=d:\
        :chkent:
/usr/spool/lp/temp:f_owner=bin:f_group=lp:f_mode#0770:f_type=d:\
        :chkent:
/usr/spool/lp/SCHEDLOCK:f_owner=lp:f_group=lp:f_mode#0664:f_type=r:\
        :chkent:
