- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- SU_ROOT_GROUP in /etc/default/security
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-23-2005 04:40 PM
03-23-2005 04:40 PM
Thanks for your help.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-23-2005 04:52 PM
03-23-2005 04:52 PM
Solutionaccount management is part and parcel of system administraion life. Unless u have operators who take cares of this duties, i think your hands have to be dirty for such duties.
regards.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-23-2005 10:10 PM
03-23-2005 10:10 PM
Re: SU_ROOT_GROUP in /etc/default/security
In order to set this up, you're going to have to make the (hopefully) limited number of users who are allowed to su to root members of the same group (we use "support"). You will also have to maintain this as people join and leave this group.
Pete
Pete
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-24-2005 02:45 AM
03-24-2005 02:45 AM
Re: SU_ROOT_GROUP in /etc/default/security
The only maintenance you would have to do for this group is the addition/deletion of accts as people come/go.
Optionally, do set up a group. I create called 'wheel' and place the SysAdmins in there.
Low maintenance and overhead. Probably the lowest you will have to deal with.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-24-2005 09:32 AM
03-24-2005 09:32 AM
Re: SU_ROOT_GROUP in /etc/default/security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-24-2005 09:49 AM
03-24-2005 09:49 AM
Re: SU_ROOT_GROUP in /etc/default/security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-29-2005 07:13 AM
03-29-2005 07:13 AM
Re: SU_ROOT_GROUP in /etc/default/security
As to your last question, get the value for the $LOGNAME and test to see if the 1st character is a 'D'. If true, do whatever.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-29-2005 02:25 PM
03-29-2005 02:25 PM
Re: SU_ROOT_GROUP in /etc/default/security
suroot::201:billh,lucy,pooky,nermal
When the users login and type the id command, they will see something like this:
uid=103(billh) gid=20(users) groups=201(suroot)
If a user leaves or no longer needs su capability, you simply edit /etc/group. It is very important to note that there are a *lot* of steps needed when a new user is added or deleted. You should have a clearly defined process for both circumstances. Otherwise, all the effort to ensure good security/stability practices with the security file can be undone by problem users.
Bill Hassell, sysadmin