HPE Community
Operating System - HP-UX
1834609 Members
2841 Online
110069 Solutions
New Discussion

How to create a User ID which have same power as "root"?

 
SOLVED
Go to solution
Chen Yingjie
Frequent Advisor

‎05-22-2003 06:10 PM

‎05-22-2003 06:10 PM

How to create a User ID which have same power as "root"?


I want to create a User ID.
This User ID must have same
power as "root" becuase we
should give "root" to the
Sytem Operation Dept.

Thanks
0 Kudos
Reply
16 REPLIES 16
Bill Hassell
Honored Contributor

‎05-22-2003 06:17 PM

‎05-22-2003 06:17 PM

Solution

Re: How to create a User ID which have same power as "root"?

Very common request, but a very bad idea. The Operation Department should login with normal user ID's, then use:

su - root

to become root temporarily. root is much too powerful to give out to a lot of people. A much better solution is to download sudo, a program which can limit each user to selected commands and parameters. Without such restrictions, the system may be damaged and there will be no way to identify who made the mistake.


Bill Hassell, sysadmin
Reply
sekar parthasarathy
Advisor

‎05-22-2003 06:18 PM

‎05-22-2003 06:18 PM

Re: How to create a User ID which have same power as "root"?

Hi,

Install SUDO,
which will solve your
problem.


Regards

Sekar.
Reply
Jeff Schussele
Honored Contributor

‎05-22-2003 06:20 PM

‎05-22-2003 06:20 PM

Re: How to create a User ID which have same power as "root"?

How....same UID as root - 0.
Why....I can't think of a smart reason.
DO NOT DO THIS.

My $.02
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
Reply
malay boy
Trusted Contributor

‎05-22-2003 06:23 PM

‎05-22-2003 06:23 PM

Re: How to create a User ID which have same power as "root"?

agree with Bill.Create a normal id and grant the user to able to su.

so many people know root password,wargh!! bad idea..

In our company nobody know the root password.Strange but true , the password is lock in my boss room.

We installed a third party software which enable the normal user to become root.

And the third party software will kept track every key stroke you make when becoming pseudo root.

hope this help

regards
mB
There are three person in my team-Me ,myself and I.
0 Kudos
Reply
Chen Yingjie
Frequent Advisor

‎05-22-2003 06:30 PM

‎05-22-2003 06:30 PM

Re: How to create a User ID which have same power as "root"?

Thank you all.

Where can I download the SUDO?

0 Kudos
Reply
Tom Ward_1
Honored Contributor

‎05-22-2003 06:37 PM

‎05-22-2003 06:37 PM

Re: How to create a User ID which have same power as "root"?

You can get a depot for SUDO here: http://hpux.connect.org.uk/

Sudo's home page is here:
http://www.courtesan.com/sudo/
Reply
Suhas_2
Regular Advisor

‎05-22-2003 07:52 PM

‎05-22-2003 07:52 PM

Re: How to create a User ID which have same power as "root"?

Hi,
Alternatively, you may wish to use "PowerBroker" software from Symark.
www.symark.com/powerbroker.htm

This will allow you to delegate these privileges to other users. It will authenticate the end-user. It will help to keep an Audit Trail of the activity carried out.

Hope this helps.

Regards...
Suhas
Never say "Die"
Reply
twang
Honored Contributor

‎05-22-2003 08:24 PM

‎05-22-2003 08:24 PM

Re: How to create a User ID which have same power as "root"?

create user with userid=0:
# useradd -u 0 otto
Reply
Yogeeraj_1
Honored Contributor

‎05-22-2003 09:25 PM

‎05-22-2003 09:25 PM

Re: How to create a User ID which have same power as "root"?

hi

i still believe using SUDO is more secure than changing the ID of the user to 0 (same as root).

regards
Yogeeraj
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
Reply
Tim Sanko
Trusted Contributor

‎05-23-2003 06:50 AM

‎05-23-2003 06:50 AM

Re: How to create a User ID which have same power as "root"?

First as they have said, use sudo, or as I have done embed the root user with a menuscript, that you as the admin know how to interupt, but the users won't know about.

Second, If you allow the Operations department to have a menu that lets them do certain boring, repetetive tasks that require root access, It can really ease up your work load.

For Example we allow our Operation to do this list of things.

echo "\t\t Operations Menu\n"
echo "\t1. check BCVs \n"
echo "\t2. check oracle status\n"
echo "\t3. check Listener status\n"
echo "\t4. cancel print job\n"
echo "\t5. check at jobs \n"
echo "\t6. check pwgr daemon \n"
echo "\t7. check batch queues\n"
echo "\t8. glance\n\n"
echo "\t\tx logout \n"

This gives operations a view of the system, and its processes as well as the ability to take the repetetive chores out of my work queue.

I still do all of the above on occasion, but I can do them as well from a command line, but it is easy to use the menu system. and it prevents unauthorized access to the command prompt as I encrypt a separate password and read a variable to gain
prompt access.

Reply
John Meissner
Esteemed Contributor

‎05-23-2003 07:16 AM

‎05-23-2003 07:16 AM

Re: How to create a User ID which have same power as "root"?

several options. some of which have been mentioned above.

creating another user with root privlidges is a bad idea. But it's your system and if you choose to do that. just create another user and set their UID to 0 (zero) - this will make them the same as root.

As mentioned this is a BAD idea and is FULL of security holes. I'd recommend SUDO (mentioned earlier) or ServiceControl Manager (a free HP product)
both of these will allow you to run tools with root permissions while not actually knowing root the root password. We use SCM (service control manager) at work for our tier 1 and tier 2 support teams so they can run sam and reset passwords. You can create custom scripts or tools with either of these to run as root. a very versitile tool.

Restricted SAM is another option if all you need to do is run SAM.
All paths lead to destiny
0 Kudos
Reply
John Meissner
Esteemed Contributor

‎05-23-2003 07:20 AM

‎05-23-2003 07:20 AM

Re: How to create a User ID which have same power as "root"?

SCM (ServiceControl Manager)
can be downloaded from here:

https://payment.ecommerce.hp.com/cgi-bin/swdepot_parser.cgi/cgi/try.pl?productNumber=B8339BA3.0&date=

(or go to http://www.software.hp.com/ and search for SCM)

This product has a nice GUI interface and is web enabled - which is great.
All paths lead to destiny
0 Kudos
Reply
John Meissner
Esteemed Contributor

‎05-23-2003 07:21 AM

‎05-23-2003 07:21 AM

Re: How to create a User ID which have same power as "root"?

sorry for the bad link... try here.

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProducts.pl?group_type=search&group_name=SCM&search_free=1&search_trial=1&search_buy=1

just click on
ServiceControl Manager 3.0
receive for free button
All paths lead to destiny
0 Kudos
Reply
MANOJ SRIVASTAVA
Honored Contributor

‎05-23-2003 07:23 AM

‎05-23-2003 07:23 AM

Re: How to create a User ID which have same power as "root"?

Hi Chen Yingjie


Create a user say test , then edit the /etc/passwd file to have the same uid/gid ie 0:3 , this will do the job , but you need to be careful about this user bcoz it is as powerful as root.


Manoj Srivastava


Reply
Abskhan
Occasional Advisor

‎05-24-2003 03:30 AM

‎05-24-2003 03:30 AM

Re: How to create a User ID which have same power as "root"?

Hi,

last option :

u can either have setuid scripts designed for specific tasks or better have then in a menu which u'r system operations can run .
0 Kudos
Reply
Dipu
Occasional Advisor

‎05-26-2003 01:13 AM

‎05-26-2003 01:13 AM

Re: How to create a User ID which have same power as "root"?

Hi,
Creat a new user and change the user id and group id to zero. In this way another user othere than root will have the root previlage.

I understand this is not a good method, but this is one of the simplest method.

Dipu
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.