topic Re: BACKUP ROOT ID in Operating System - HP-UX

BACKUP ROOT ID

Omprakash_2 — Thu, 16 Apr 2009 02:43:44 GMT

Hi,

I have created backup root ID in Hp ux 11.11, I am normally used to go root by providing the #su command. But here i want root access without #su command. That is if am entering login: xxxxxx
Password: 8888888

It should show # prompt, without entering #su command. Request you to provide me the solution, Thanks in Advance.

Re: BACKUP ROOT ID

avizen9 — Thu, 16 Apr 2009 03:57:56 GMT

Hello Omprakash,
you can set owner and group ID for xxxxxx user simillir as root in /etc/password file, its then indirectly as root user. let me know.

Re: BACKUP ROOT ID

Dennis Handly — Thu, 16 Apr 2009 04:09:10 GMT

>I have created backup root ID

What steps did you do? Or are you asking how to do it?

Re: BACKUP ROOT ID

Omprakash_2 — Thu, 16 Apr 2009 04:30:02 GMT

Hi,

I have created through SAM and provided the uid as "0". Then i tried to login but its shows incorrect password, then i tried to login to my account(Normal user account) and i provide #su XXXXX , now i can able to access the system as root. My requirement is i dont want to put #su XXXXX command to access root.

I already checked the /etc/passwd file.

Re: BACKUP ROOT ID

avizen9 — Thu, 16 Apr 2009 04:34:00 GMT

HI,
have you also verify the group id? you can put group id same as root,

if your password is not working, please vi /etc/passwd file and remove password string for this user (keep it blank) and then on command prompt set new password with passwd command, let me know, thanks,

Re: BACKUP ROOT ID

Suraj K Sankari — Thu, 16 Apr 2009 04:45:20 GMT

Hi,

just open your /etc/passwd file into vi
edit 2 things

1.uid make it 0
2.gid make it 0

see the example

suraj:x:0:0:SA:/home/suraj:/bin/bash

logout and again loggin

Suraj

Re: BACKUP ROOT ID

Avinash20 — Thu, 16 Apr 2009 05:02:26 GMT

"I have created through SAM and provided the uid as "0". Then i tried to login but its shows incorrect password, then i tried to login to my account(Normal user account) and i provide #su XXXXX , now i can able to access the system as root. My requirement is i dont want to put #su XXXXX command to access root."

1. It needs to be su - XXXX so that the profile of the user gets executed.

2. Also since I believe you are able to execute all the root command, could you confirm the same via

# whoami
>> This should display root.

If yes, then the question is why it shows login incorrect ?

Are you able to login via root user directly ?

Re: BACKUP ROOT ID

Dennis Handly — Thu, 16 Apr 2009 08:43:09 GMT

>I have created through SAM and provided the uid as "0". Then I tried to login but it shows incorrect password

What password did you assign, the same as you tried? You didn't use @ or # did you? (These are generally verboten.)

>My requirement is I don't want to put #su XXXXX command to access root.

Then you need to know the password, that you had to use when you used "su XXXXX" from a non-root user.

>Avinash: could you confirm the same via whoami

Another command would be id(1).

Re: BACKUP ROOT ID

James R. Ferguson — Thu, 16 Apr 2009 11:10:48 GMT

Hi:

Do yourself and your company a big favor. Abandon your attempts to duplicate the 'root' account (which as noted, is any uid=0).

Aside from weakening your system's security, someone, one day, might decide to remove the account and any files owned by it. Then, by example, assuming that the user is named "omprakash" do:

# find / -user omprakash -exec rm -rf {} +

...they have just removed everything owned by _root_ since "omprakash' is also uid=0.

Regards!

...JRF...

Re: BACKUP ROOT ID

OldSchool — Thu, 16 Apr 2009 17:07:19 GMT

"...someone, one day, might decide to remove the account and any files owned by it...."

Right. Auditors will ding you as well, plus selecting the incorrect option when removing the user in SAM can smoke the files as well I believe.

There are numerous threads here describing this issue.

"You have been warned"

Re: BACKUP ROOT ID

UVK_1 — Fri, 17 Apr 2009 02:13:18 GMT

There cannot be two root users in unix. As far as i know you cannot do this. The only option you have is what you have already done. create an admin user account with uid and gid 0.

No back up root users can be created. The admin for a unix box can only be root

Re: BACKUP ROOT ID

Dennis Handly — Fri, 17 Apr 2009 03:47:31 GMT

>OldSchool: plus selecting the incorrect option when removing the user in SAM can smoke the files as well I believe.

This may be apocryphal since SAM now checks.

Re: BACKUP ROOT ID

Dennis Handly — Fri, 17 Apr 2009 04:17:25 GMT

>UVK: There cannot be two root users in unix. The only option you have is what you have already done, create an admin user account with uid and gid 0.

You are confused. Your second statement conflicts with the first.
Anyone with UID of 0 IS root. They may just have different names, home directories or shells.

Re: BACKUP ROOT ID

Viktor Balogh — Sat, 18 Apr 2009 16:26:31 GMT

i think i know what your problem is. if you really want to log in as root through ssh, you should uncomment this line in /etc/opt/ssh/sshd_config:

#PermitRootLogin yes

so just remove the hashmark at the beginning of the above mentioned line, and restart the openssh daemon like this:

#/sbin/init.d/secsh stop;/sbin/init.d/secsh start

mark that the activ ssh connections won't be affected by the restart

Re: BACKUP ROOT ID

Omprakash_2 — Wed, 22 Apr 2009 03:17:40 GMT

Hi,

Thnaks for your support