HPE Community
Operating System - HP-UX
1847179 Members
4236 Online
110263 Solutions
New Discussion

User with Root privilege

 
meekrob
Super Advisor

‎04-24-2007 05:32 AM

‎04-24-2007 05:32 AM

User with Root privilege

Hi all ,

i need to create a user with Root privileges , how can i do it ? did i have to give him the same id as root ,

Thank's
0 Kudos
Reply
9 REPLIES 9
Sundar_7
Honored Contributor

‎04-24-2007 05:36 AM

‎04-24-2007 05:36 AM

Re: User with Root privilege

Any user with UID 0 becomes root. But it is strongly recommended not to create users with UID 0 (except for root ofcourse).

You can consider using restricted SAM feature or install SUDO that will let you selectively enable superuser previlege to the users and also log their activities.
Learn What to do ,How to do and more importantly When to do ?
0 Kudos
Reply
Sundar_7
Honored Contributor

‎04-24-2007 05:37 AM

‎04-24-2007 05:37 AM

Re: User with Root privilege

and one more option is to use SETUID to root for the binaries/scripts. This is also a big no-no for security reasons, but if you absolutely must.

Learn What to do ,How to do and more importantly When to do ?
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎04-24-2007 05:38 AM

‎04-24-2007 05:38 AM

Re: User with Root privilege

Any user with UID 0 is a super-user but it is state-of-the-art dumb to have more than 1 login with UID 0. It is a huge security risk and the system will be unable to distinguish tasks done by root and "root2" because the system identifies users by the UID.

It is much better to install sudo on your system and allow specific users to perform specific tasks which require root access.
If it ain't broke, I can fix that.
0 Kudos
Reply
meekrob
Super Advisor

‎04-24-2007 09:37 PM

‎04-24-2007 09:37 PM

Re: User with Root privilege

How can i have SUDO , is it for Free ?
0 Kudos
Reply
Tom Henning
Trusted Contributor

‎04-24-2007 10:28 PM

‎04-24-2007 10:28 PM

Re: User with Root privilege

Sudo is freely available and can be downloaded as part of the internet express package.
http://h20293.www2.hp.com/portal/swdepot/searchProducts.do
What is it that possesses otherwise sane individuals to change something just because it has not been changed in a while?
0 Kudos
Reply
Alfredo Garcia Martino
Advisor

‎04-25-2007 12:15 AM

‎04-25-2007 12:15 AM

Re: User with Root privilege

It's part of HP-UX Internet Express and it's for free.

For HP-UX 11v1:
https://h20293.www2.hp.com/portal/swdepot/try.do?productNumber=HPUXIEXP1111

For HP-UX 11v2:
https://h20293.www2.hp.com/portal/swdepot/try.do?productNumber=HPUXIEXP1123
0 Kudos
Reply
Tim Nelson
Honored Contributor

‎04-25-2007 07:32 AM

‎04-25-2007 07:32 AM

Re: User with Root privilege

As you can see you should probably let us know why you are wanting to do this and we can help find you alternate options. i.e. restricted sam, sudo , suid, etc..

You might as well just give whomever the password for the root user, as creating another user with the uid of zero is effectively no different.

0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎04-25-2007 07:52 AM

‎04-25-2007 07:52 AM

Re: User with Root privilege

Hi:

Duplicating the uid of zero (0) is designed to help you or your successor totally wipe out your system.

Imagine that there is a user called "tech" that has a uid=0. You have noted that it hasn't been used in years and you are a new administrator cleaning up the server that you have inherited.

You do:

# find / -user tech -exec rm -rf {} \+

You have just removed everything owned by 'root' and are left with an unusable system as it grinds to a halt.

Names are for the benefit of humans. What counts is the 'uid' or numeric counterpart.

Regards!

...JRF...

0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎04-25-2007 08:11 AM

‎04-25-2007 08:11 AM

Re: User with Root privilege

Shalom,

You will undoubtedly be told by purists like me that there should not be more than one root user with user id zero.

That coming from a shop where each admin has his own root user so that we can know which root user did what to what system.

If the user does not require full root privs, consider sudo as an alternative.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.