HPE Community
Operating System - HP-UX
1839570 Members
2029 Online
110147 Solutions
New Discussion

How to add a second root on a HP-UX platform

 
SOLVED
Go to solution
Mehdi_3
New Member

‎04-03-2002 02:49 AM

‎04-03-2002 02:49 AM

How to add a second root on a HP-UX platform

I want to create a second administrator (root) on a server under HP-UNIX 11.0 platform.
I've heard that this is possibile but i don't know how to do.
Is it possible to do it with SAM ???

Thanks
0 Kudos
Reply
9 REPLIES 9
John Carr_2
Honored Contributor

‎04-03-2002 02:54 AM

‎04-03-2002 02:54 AM

Re: How to add a second root on a HP-UX platform

Hi

you can create a nornal user account using sam, and specify user id 0. which gives root privlidges.

John.
0 Kudos
Reply
Marc Dijkstra
Trusted Contributor

‎04-03-2002 02:57 AM

‎04-03-2002 02:57 AM

Re: How to add a second root on a HP-UX platform

It is possible, but has inherent risks attached to it. Remember that if you "backdoor" the roor user, anything that you do to the NEW user will apply to root. Thus keep the shells the same at ALL times.

Just create a user in the /etc/passwd file with the same UID of root, that being 0.

Just be careful.....

MND
"A computer lets you make more mistakes faster than any invention in human history - with the possible exceptions of handguns and tequila"
0 Kudos
Reply
Rainer von Bongartz
Honored Contributor

‎04-03-2002 03:00 AM

‎04-03-2002 03:00 AM

Re: How to add a second root on a HP-UX platform



Create a user account and give it the user id 0.

I'm no sure SAM will allow this but you can easily change the UID number in the passwd file.

But be aware: Having a second UID=0 is a potential security risk and not recommended !!



Regards
Rainer
He's a real UNIX Man, sitting in his UNIX LAN making all his UNIX plans for nobody ...
0 Kudos
Reply
Clemens van Everdingen
Honored Contributor

‎04-03-2002 03:03 AM

‎04-03-2002 03:03 AM

Re: How to add a second root on a HP-UX platform

Hi,

It is possible but be aware of the following.

System Administrator may set up multiple accounts with the same uid, however this is done with the understanding that reverse uid lookups will find only the first instance of a
uid in the /etc/passwd file. Multiple accounts with the same uid are allowed, but will not work as expected with all commands.

C.
The computer is a great invention, there are as many mistakes as ever, but they are nobody's fault !
0 Kudos
Reply
John Carr_2
Honored Contributor

‎04-03-2002 03:07 AM

‎04-03-2002 03:07 AM

Re: How to add a second root on a HP-UX platform

Hi

as I said earlier you CAN do this in SAM I did it before I posted the answer.

John.
0 Kudos
Reply
Printaporn_1
Esteemed Contributor

‎04-03-2002 03:27 AM

‎04-03-2002 03:27 AM

Re: How to add a second root on a HP-UX platform

Hi,

I don't like the idea to create another user with id 0.
what happen if you delete that user in sam with remove all files that belong to this user.
enjoy any little thing in my life
0 Kudos
Reply
Heiner E. Lennackers
Respected Contributor

‎04-03-2002 03:39 AM

‎04-03-2002 03:39 AM

Re: How to add a second root on a HP-UX platform

Hi,

you can just duplicatie to root-line in the /etc/passwd file and change the name and the password, but:

You do not really have to "root" accounts: You will not be able to differ between this two account or even see, what was been done by which account.

Heiner
if this makes any sense to you, you have a BIG problem
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎04-03-2002 04:56 AM

‎04-03-2002 04:56 AM

Solution

Re: How to add a second root on a HP-UX platform

Yes, you can have multiple root users by simply editing the passwd file. However, it is a SEVERE security and stability risk!!!! Don't do it!!!

The first thing a hacker tries to do when breaking in is to attain root privileges and the one of these ways is to change an ordinary user ID into UID=0. Also, this poor user that is 'privileged' to have UID=0 will perform all normal functions with root privileges (reading email, writing scripts, cleaning up directories) and will very likely forget that rm -r * is incredibly dangerous. And then if that user leaves the company and you remove their login along with all the files that they own, you will destroy the entire system.

There are many other risks to such a plan. Instead, look at the man page for SAM concerning -r or restricted SAM and assign the required duties to this user. SAM will control access rights and the user is still an ordinary user.

Another alternative (very useful) is to download sudo, the SuperUser enablement program. It not limits users as to the types of commands they can run but can even limit the parameters allowed with specific commands (such as the device file used for mounting a CDROM).

Get a copy from: http://hpux.connect.org.uk/ (the HP-UX Porting and Archive Centre) or any of their mirrors.


Bill Hassell, sysadmin
Reply
Magdi KAMAL
Respected Contributor

‎04-03-2002 06:22 AM

‎04-03-2002 06:22 AM

Re: How to add a second root on a HP-UX platform

Hi Mehdi,

Edit your /etc/passwd and add your new username and then assign it a "0" as a User ID.
This will allow you to have a second root user on the Unix box.

Magdi
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.