HPE Community
Operating System - HP-UX
1838681 Members
4507 Online
110128 Solutions
New Discussion

changing root password

 
SOLVED
Go to solution
terry123
Regular Advisor

‎10-02-2008 08:10 PM

‎10-02-2008 08:10 PM

changing root password

hi All,

may i know are there any way to keep check on when the root password has been changed?

after i changed the root password i can't find any related info under /var/adm/syslog.

thx so much.

terrytse
0 Kudos
8 REPLIES 8
Patrick Wallek
Honored Contributor

‎10-02-2008 08:16 PM

‎10-02-2008 08:16 PM

Re: changing root password

If your system is trusted, you can do a:

# /usr/lbin/getprpw -m spwchg root

If your system is not trusted you can try:

# passwd -s root

#man getprpw

#man passwd

for more information on each command.
0 Kudos
terry123
Regular Advisor

‎10-06-2008 07:53 PM

‎10-06-2008 07:53 PM

Re: changing root password

thx, but passwd -s root will only show the password attributes for the root user.

may i know are there any log file which will keep check on root password changed?

0 Kudos
Ganesan R
Honored Contributor

‎10-07-2008 12:09 AM

‎10-07-2008 12:09 AM

Re: changing root password

Hi,

root history file will have the details if the password has been changed by command.
Best wishes,

Ganesh.
0 Kudos
Jannik
Honored Contributor

‎10-07-2008 12:39 AM

‎10-07-2008 12:39 AM

Re: changing root password

There is no HPUX way to do this, as i see it you have to options witch are not perfect.

Option 1:
Write a wrapper for the password program. And change the order of /etc/PATH to run you passwd script before the original. The down site is that users can run the passwd program directly with full qualified path or the /etc/PATH can be changed.

#!/usr/bin/ksh

USER=$1

logger -t PASSWORDCHANGE -p local0.info "The password for $USER is changing"

/usr/bin/passwd $USER

if [ $? -ne 0 ]
then
logger -t PASSWORDCHANGE -p local0.info "Failed to change password for $USER"
else
logger -t PASSWORDCHANGE -p local0.info "password changed for user $USER"
fi

Option 2:
Move the original passwd binary to a new location and place the wrapper instead. This is not a good sollution because "sam" will try to use the replaced file.
The other downside is that and OS opgrade will replace your file.

You might combine option 1 with some RBAC to make sure how will be able to run the original passwd command.

Best regards JT
jaton
0 Kudos
terry123
Regular Advisor

‎10-07-2008 05:27 AM

‎10-07-2008 05:27 AM

Re: changing root password

thx All,

but may i know where can i find the root history file?

0 Kudos
Johnson Punniyalingam
Honored Contributor

‎10-07-2008 05:44 AM

‎10-07-2008 05:44 AM

Solution

Re: changing root password

Hi Terrytse,

Please look for the history under the /root

example:-

cd ~root
ls -la
look for this file --> sh_history

more sh_history,

hope this helps

Thanks,
Johnson


Problems are common to all, but attitude makes the difference
0 Kudos
Dennis Handly
Acclaimed Contributor

‎10-07-2008 07:29 AM

‎10-07-2008 07:29 AM

Re: changing root password

>but may i know where can i find the root history file?

It's named by $HISTFILE. Typically sh doesn't define this for root. One default would be ~/.sh_history.
0 Kudos
terry123
Regular Advisor

‎10-09-2008 12:23 AM

‎10-09-2008 12:23 AM

Re: changing root password

thx all for the help.

;)
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.