- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Root password
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-25-2001 06:59 AM
тАО10-25-2001 06:59 AM
Re: Root password
Tell them you want the sys and system Oracle passwords and see what they say. At virtually every site at which I've worked this request comes up and I always say no. The duties are very different and the last thing that you want is for one of those guys to find a nice unused disk (i.e. no filesystem is mounted) and grab your swapspace. There are actually very few times when uid 0 is needed and in the worst case I would create a very small set of setuid wrappers on install sudo to do the same thing on a very limited number of commands. Pfs_mount is tricky enough without having a bunch of DBA's really messing it up.
Clay
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-25-2001 07:04 AM
тАО10-25-2001 07:04 AM
Re: Root password
Our DBA's have never asked and have never needed it.
Ask what they need it for.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-25-2001 07:16 AM
тАО10-25-2001 07:16 AM
Re: Root password
just another voice to say "no"...
DBAs do NOT need it, all they need are proper permissions of the mount-points, file-systems, raw-devices and config-files they need/use, but NOTHING about UN*X-administration.
You migh try telling them, that they have to pass the HP-UX administration certification and the BrainBench UN*X admin certification (and something the like else), before they can get super-user-access on *your* machines.
If they sign you a general "it is my fault" statement with a proof of their insurance covering the costs for a multi-hour-downtime of *your* systems, you can start considering it :-)
Just my $0.02,
Wodisch
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-25-2001 07:21 AM
тАО10-25-2001 07:21 AM
Re: Root password
Don't give it! SAs are charged with the security of the systems and are responsible for such. No one else needs root (including pointy-haired managers who don't have a clue about UNIX but do like power). There are tools to give neccessary priviledges to those who really do need it.
If someone outside the sysadmin group has root, they can have the whole box as far as I'm concerned because I can no longer be responsible for the integrity of the box.
Darrell
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-25-2001 07:26 AM
тАО10-25-2001 07:26 AM
Re: Root password
Unix is a multi user OS and every commercial database vendor for the last quarter century has segregated the roles of systems administrator and database administrator into separate users.
Coincidence? I think not.
Root privelege should be guarded closely and zealously. Trust me, the first time you lose a production system to a well-meaning but less-than-fully-competent coworker you will learn that lesson for all time.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-25-2001 07:40 AM
тАО10-25-2001 07:40 AM
Re: Root password
Thanx again you are the best!
Clara
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-11-2001 05:51 AM
тАО11-11-2001 05:51 AM
Re: Root password
At my old place of work DBAs and SAs where strongly segregated, this generally worked fine with a few areas of contention (eg not enough disc space for expansion, problems editing various files.)
At my current place of work the DBA and SA roles have been mangled together and no matter what people will think it does work.
There are arguements for both sides of this:
Against: DBAs don't know what they are doing (but neither do a lot of SAs)
For: Greater efficiency (but greater risk of damage)
I could continue for pages in the above vein... Essentially look at *your* DBAs - would *you* trust them with your passwords? Would they trust you with their's?
If not look at sudo - it will allow them to do important DBA things without giving them full root access - but be careful; eg don't let them run 'vi' under sudo etc...
dave (the SA, but part time DBA!
- « Previous
-
- 1
- 2
- Next »