Explanation of /tmp/vas_disauthcc_<uid> files
The /tmp/vas_disauthcc_<uid> files stores a password hash of the user.
Here is some more information:
enable-nonroot-disconnected-cache = <boolean>
Default value: true
QAS maintains a root readable cache of password hashes to support disconnected authentication (unless explicitly configured not too). Some applications that are required to validate password do not, however, run as root. The most common of such applications are screensaver applications such as xscreensaver. In order for a user to be able to unlock the screen when not connected to the network, QAS caches a hash of the users password after successful login in a user-readable file.
These user-readable files are located, by default, in /tmp. Only one hash is stored in each file and the file is owned by the user whose password hash it contains. The enabled-nonroot-disconnected-cache option is provided to allow for disabling this feature. If the enable-nonroot-disconnected-cache option is set to false, these user readable hashes will not be created, neither will they be used to validate password in the event that they were created previous to having disabled the feature. An example of how to disable the nonroot disconnected cache can be seen below.
[vas_auth]
enable-nonroot-disconnected-cache = false
and related:
nonroot-disconnected-cache-dir = <path definition>
Default value: /tmp
If the nonroot disconnected cache is enabled (which it is by default), the option nonroot-disconnected-cache-dir specifies the directory where the user readable password hash files will be stored. The directory should be an absolute directory path but it may also include the special %homedir% expansion macro to indicate the users home directory. The path specified must exist and it must be a directory, if either of these conditions is not met, the default will be used. Below you will find an example of configuring the user-readable cache location so that it is contained in the users homedirectory. This might cause some issues if the user were using a network file system (such as NFS).
[vas_auth]
nonroot-disconnected-cache = %homedir%
If the password-cache-age is set to 0 in the [vas_auth] section in /etc/opt/quest/vas/vas.conf, then the /tmp/vas_disauthcc_<uid> files will remain and not get deleted.
© ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center