• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1344
  • Last Modified:

Change "root" user to others

Can we change solaris user "root" to others? If so, How can I do?
How about other unix platforms, such as HPUX, Linux, etc?
0
sirator
Asked:
sirator
  • 5
  • 2
  • 2
  • +2
1 Solution
 
yuzhCommented:
>>>Can we change solaris user "root" to others? If so, How can I do?

when you login as root and you want to switch to another user, you can do:

              su - another-user

to run a command as another user you do:

              su - another-user -c "command"

man su
to learn more details.

IF you want to rename root to another user, bad idea, your system might stop functioning
without root ! In practical you can create another user have the same power as root (it create
a security hole in your system, I would not recommand to do it).

>>>How about other unix platforms, such as HPUX, Linux, etc?
the above comments apply to all *nix!

0
 
TintinCommented:
Do NOT change the root user to anything else as it will break your system.  Although most processes work off UID, there are still plenty of things that check for the actual user 'root'
0
 
siratorAuthor Commented:
That means it's absolutely IMPOSSIBLE to rename "root" to another name, right?
And if I create another user with the same power as root for example "admin" and then I delete user "root" out of the system, can I?
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
NukfrorCommented:
Its not impossible - nothing stopping you from using vi and doing it - You just may *seriously* regret it later.

You should goto http://docs.sun.com and do some reading on RBAC.  RBAC can be used to effectively stop root from being god-of-the-box-for-everything and give that role to someone else if you wish.
0
 
TintinCommented:
Let's go back a few steps.

Why do you want to change the root user?

I get a sneaking suspicion that sudo might be involved in the answer once we know your reasons.
0
 
NukfrorCommented:
Tinin - stop being so correct to ask that question.
0
 
Mike R.Commented:
Actually, I regularly create a "root1" user on Solaris systems and associate it with the UID "0" (zero).  

It can hold its own password, such that you can allow other users to login with their own password and function as root.  The only snag you regularly run into is, if a user logs in as "root1", and then does a "passwd" (by itself) to change his password...it will change root's password (as "passwd" sees him as UID "0", and will associate "root" as UID "0" before "root1".)  However, if you run the command "passwd root1" (as either root or root1) it will change the correct users passwd.

"root1" can be any username...however, one thought is...if a user is trusted enough to have root access, they are probably trusted enough to have the root password.

"sudo", "suid" or appropriate access rights on files is probably a better way to control your system.

Best of Luck!
M
0
 
Mike R.Commented:
P.S.  If you are looking to CHANGE root to something else (like Windows security guides recommend)...Tintin is correct in the sence that there are MANY scripts on the system which check the currently logged in user by the $LOGNAME variable, and take action based on if it's "root" or not.  If you change the name...these will break.  You COULD change "root" to something else, but it might be a bad idea.

M
0
 
siratorAuthor Commented:
Dear Rightmirem
     Thanks for your valuable info., I don't intend to change them, it's just my suspicion if I can rename it.
     Anyway, what is the sudo or suid? Are they Unix's command or anything? Please explain me.
0
 
yuzhCommented:
You can download sudo from:
     http://sunfreeware.com/
to learn more details about sudo, see:
    http://www.sudo.ws/sudo/
or do a search at EE, answered many, many many times.

 What's SUID:
http://www.homepage.montana.edu/~unixuser/051602/SUID.html
http://www.unix.org.ua/orelly/networking/puis/ch05_05.htm
http://www.samag.com/documents/s=1149/sam0106a/
0
 
Mike R.Commented:
Check the above links.  SuDo is actually a program package that allows other users (specified in a configuration file) to run items as if they were root.  Simply put, you canlet specified users run root stuff without knowing the root password.

suid (or "set UID") is a method by which you can allow a script to run as if it were called by the owner of the file, even if it is called by another.  Example...

1. You have a script called "runme".
2. It is owned by user "root", and group "users"
3. It has the standard permissions of -rwxr-x---, which allows root full control, the goup "users" to read and execute the file, and everyone else "no access".
4. When a user other than root, who belongs to the "users" group runs the command (I.E. user "mright") the script is identified by the system as having been run by "mright" and will only allow the script to do the things "mright" is allowed to do.  

Meaning, if the script says to "umount /directoryname", the umount will fail because "mright" does not have the system permissions to do a umount.

4. As root, you set the suid with the command "chmod o+s" such that now the permissions read "-rwsr-x---".  (Note, you have to first have the "x" permission turned on, to then set the suid.
5. The "-rwsr-x---" permission is now saying the script is owned by root, who has full control, and the "execute" permission is setuid.  The group "users" can still run the script, but when "mright" runs the script, the system will identify the user as the "setuid" owner, or in this case "root".  This will allow the "umount /directoryname" command in the script to function because the systems has identified the user running the script to be "root", even though "mright" called the script.

0
 
Mike R.Commented:
Oops....hit send accidentally...

What I was about to say was...THIS IS A HUGE SECURITY RISK (setuid) because ...

A)  If someone can manage to modify the script, they now have the ability to run ANYTHING as root.  And...

B) If there is any place for user input, this can be abused by hackers to infiltrate the system.  Example...

SCRIPT***
#/bin/ksh
echo "Input item to search for"
read SEARCHLIST
find . -name $SEARCHLIST
exit 0
END SCRIPT ***

The script seems innocuous enough, BUT if it is "setuid" to root...a hacker could enter the following as the search list...

"filename; rm -rf /*"

... and the end result would be that the script would run the command "find . -name filename; rm -rf /*" which would be interpreted by the system as two commands...the "find . -name filename" and then the command "rm -rf /*".  Since the script is run as root...you lose your system.

Caution caution caution with suid.

Best of luck,
M
0
 
Mike R.Commented:
Ooops..another P.S. (this is what I get for answering questions before I finish my coffee)...

The command is "chmod u+s" (for user+setuid) NOT "chmod o+s" (which would mean "other+setuid"...easily confused with "owner+setuid".)

My booboo :-)
M
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

  • 5
  • 2
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now