HPE Community
Operating System - HP-UX
1820620 Members
1984 Online
109626 Solutions
New Discussion юеВ

Re: super user

 
AA786
Frequent Advisor

тАО11-14-2007 03:14 AM

тАО11-14-2007 03:14 AM

super user

how i can check a user ID have root(superuser) privlages ?
0 Kudos
Reply
9 REPLIES 9
Pete Randall
Outstanding Contributor

тАО11-14-2007 03:16 AM

тАО11-14-2007 03:16 AM

Re: super user

Look at the /etc/passwd entry for the user. If the userid is 0 (zero), the user is a root equivalent with all the associated privileges.

By the way, root equivalent users are not a particularly good idea - there should be one and only one root user.


Pete

Pete
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

тАО11-14-2007 03:18 AM

тАО11-14-2007 03:18 AM

Re: super user

Hi:

Any user with an id=0 is a root (superuser).

Don't ever create multiple uid=0 accounts. Not only is it a security risk, it is a disater waiting to happen when you delete one that you no longer want.

Regards!

...JRF...
0 Kudos
Reply
Tim Nelson
Honored Contributor

тАО11-14-2007 03:18 AM

тАО11-14-2007 03:18 AM

Re: super user

logins -d will also show users with duplicate userids.

As mentioned you are interested in UID 0

0 Kudos
Reply
Dave Hutton
Honored Contributor

тАО11-14-2007 03:20 AM

тАО11-14-2007 03:20 AM

Re: super user

If you have root access you can run #logins
servera:root /root/ # logins
root 0 sys 3
daemon 1 daemon 5
bin 2 bin 2
sys 3 sys 3
adm 4 adm 4
uucp 5 sys 3
lp 9 lp 7


And look for the users that have the second field of 0. Otherwise cat /etc/passwd and look through the same list looking for 0 in the 3rd field.
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

тАО11-14-2007 03:38 AM

тАО11-14-2007 03:38 AM

Re: super user

awf -F ':' '{if ($3 == 0) print $0}' /etc/passwd

Any lines listed will have UID 0 which makes them a super-user. A much more difficult task is to determine who can become a super-user (ie who knows the root password).

You should also note that ALL of your users have super-user privileges (at least at some times). Note that the permissions on the passwd file are read-only for all users and yet users are able to change their passwords. How can this be possible? The passwd command is a setuid program owned by root which means that the effective UID becomes 0 when the command is executed.

If it ain't broke, I can fix that.
0 Kudos
Reply
Peter Nikitka
Honored Contributor

тАО11-14-2007 05:02 AM

тАО11-14-2007 05:02 AM

Re: super user

Hi,

awf was just misspelt my ACS - he shurely meant awk. His command can be abbreviated to
awk -F: '$3 == 0' /etc/passwd

For a NIS configuration, you can check additionally
ypcat passwd | awk -F: '$3 == 0'

mfG Peter
The Universe is a pretty big place, it's bigger than anything anyone has ever dreamed of before. So if it's just us, seems like an awful waste of space, right? Jodie Foster in "Contact"
0 Kudos
Reply
Sp4admin
Trusted Contributor

тАО11-14-2007 08:47 AM

тАО11-14-2007 08:47 AM

Re: super user

As said above there are many diffrent was to answer the question. check for user ID 0.

#logins
root 0 sys

sp,
0 Kudos
Reply
whiteknight
Honored Contributor

тАО11-14-2007 01:26 PM

тАО11-14-2007 01:26 PM

Re: super user

Hi,

# logins
root 0 sys 3>>
skn 0 sys 3>>
daemon 1 daemon 5
bin 2 bin 2
sys 3 sys 3
adm 4 adm 4
uucp 5 sys 3
lp 9 lp 7
nuucp 11 nuucp 11
hpdb 27 other 1 ALLBASE
www 30 other 1
webadmin 40 other 1

those with uid 0 will have root priviledged

WK
Problem never ends, you must know how to fix it
0 Kudos
Reply
jaivinder
Frequent Advisor

тАО11-14-2007 03:09 PM

тАО11-14-2007 03:09 PM

Re: super user

Hi,

Check the /etc/passwd file for the uid no other user then root should have 0 uid.

rgds,
jaivinder
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.