- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Switch User - How to
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-11-2005 04:40 PM
тАО11-11-2005 04:40 PM
Switch User - How to
Im quite new HP bud. I need some helps..
I gotta some appl/DB users which I wud like to use "su" w/o password.When I tried now its asking passwd. Can I get some bullots to shot out this.
Just--In
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-11-2005 05:12 PM
тАО11-11-2005 05:12 PM
Re: Switch User - How to
did you have a look at "sudo"?
to be able to do "su" without entering a password you need to have root privileges
hope this helps
kind regards
yogeeraj
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-11-2005 05:24 PM
тАО11-11-2005 05:24 PM
Re: Switch User - How to
Thxs for resp. I kno root prev. is reqd for "su" w/o passwd to other account. But in my case some appl/DB users needs "su" among them. How tht can be done.
Is something to do with my id_dsa/rsa keys ..??
Just--In
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-11-2005 05:55 PM
тАО11-11-2005 05:55 PM
Re: Switch User - How to
i don't think there provisions for such things at the OS level.
Is you database an Oracle one?
Maybe at this level, something can be implemented.
kind regards
yogeeraj
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-11-2005 06:31 PM
тАО11-11-2005 06:31 PM
Re: Switch User - How to
Yes we got Oracle DB/Apps. I dont find any provisions in DB for "swiching" OS user accounts...I have accounted those users in the same group(Primary).
Any more suggestions..
Just--In
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-11-2005 06:38 PM
тАО11-11-2005 06:38 PM
Re: Switch User - How to
at the database lelve, you can try:
CURRENT_SCHEMA = schema
The CURRENT_SCHEMA parameter changes the current schema of the session to the specified schema. Subsequent unqualified references to schema objects during the session will resolve to objects in the specified schema. The setting persists for the duration of the session or until you issue another ALTER SESSION SET CURRENT_SCHEMA statement. CURRENT_SCHEMA is a session parameter only, not an initialization parameter.
This setting offers a convenient way to perform operations on objects in a schema other than that of the current user without having to qualify the objects with the schema name. This setting changes the current schema, but it does not change the session user or the current user, nor does it give you any additional system or object privileges for the session.
let me know if this helps
kind regards
yogeeraj
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-11-2005 07:04 PM
тАО11-11-2005 07:04 PM
Re: Switch User - How to
Exactly my requirement is,
I dont like to give the same DB user login(Ex:oracle) for all DB users. So I've planned to create individual UIDs of same group, so that they can login individually and do a "su" to common-Oracle UID. Even this method can help me in tracing UIDs.
Just--In
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-11-2005 09:43 PM
тАО11-11-2005 09:43 PM
Re: Switch User - How to
I would recommend you to go for the sudoers for this purpose.
All that you need to do is, install sudo package, then customise 'etc/sudoers' file to enable users to to do an su - oracle.
Then the users need to use sudo su - oracle, to swich the login to oracle. And also u need to sent no password for these users to perform the sudo su - oracle. This activity will be loggedin sudo log.
Regards,
Sunil
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-11-2005 09:56 PM
тАО11-11-2005 09:56 PM
Re: Switch User - How to
what you wish to accomplish can in fact be achieved through ssh localhost login.
Say you have the two users appl and dba.
Now appl needs to login to dba's account on the same host.
I will use these prompts to indicate each's login in the examples "[appl]$" and "[dba]$".
From root login do a "su - appl".
In case the SSH subdir ~appl/.ssh doesn't yet exist it's easiest to do a localhost login to dba and abort when asked for a password.
SSH will then automagically create .shh dir with correct mode bits and add the host key of localhost to the file .ssh/known_hosts
[appl]$ ssh dba@localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
RSA key fingerprint is 5d:2c:2d:b1:b2:7c:89:52:d6:53:ae:bd:cf:fd:0b:de.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
fiddle@localhost's password:
Abort at the password prompt with ^C for now.
Now you need to create a pair of keys for RSA
authentication that after creation will be stored in dba's SSH config.
[appl]$ ssh-keygen -t rsa -b 1024 -N "" -f ~/.ssh/id_rsa_dba_localhost
Generating public/private rsa key pair.
Your identification has been saved in /home/appl/.ssh/id_rsa_dba_localhost.
Your public key has been saved in /home/appl/.ssh/id_rsa_dba_localhost.pub.
The key fingerprint is:
35:f6:88:76:db:5f:0d:34:81:d5:1b:52:a7:7c:ae:3d appl@applshost.tld
Now exit to return back to root's login,
and do "su - dba".
As dba you also do a localhost login to appl to automatically have the .ssh subdir created shouldn't it yet exist.
[dba]$ ssh appl@localhost
Again abort when asked for password.
Now dba has to create the authorized_keys file shouldn't it yet exist.
[dba]$ ( umask 0022; touch ~/.ssh/authorized_keys )
Exit from dba to come back to root's login.
As root you now need to copy appl's newly generated public RSA key into dba's authorized_keys file.
# cat ~appl/.ssh/id_rsa_dba_localhost.pub >> ~dba/.ssh/authorized_keys
Voila, now appl should be able to login to dba@localhost without being asked for a password anymore.
As root do "su - appl", and try a first login to dba.
[appl]$ ssh -i ~/.ssh/id_rsa_dba_localhost dba@localhost
Because it is quite cumbersome to always having to type the identity key's path (followed after the -i switch) you can generate a file ~appl/.ssh/config and place there an entry for localhost logins of appl.
You have to assign the values for the "Host" and "IdentityFile" attributes accordingly.
See "man ssh_config" for details and format of the file as well as other numerous options.
Since your appl user now should be able to login to dba he as well can run any command as dba just the way you would do by the remsh command.
HTH