Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Muiltiple UID 0 - pros/cons and other unix superuser questions

Posted on 2008-10-07
7
675 Views
Last Modified: 2013-12-06
I have seen suggestions that there be two UID 0 users, in case someone tries to log into root too many times and the account gets disabled, or to be able to change the shell and other environment variables while keeping root pristine.

I've also seen suggestions that there should NEVER be another UID 0 user, and that sudo should be used.

At this point I want to be able to log in as a superuser, use ksh, and have a home directory other than /.

I've noted that if I have another superuser created, whenever I change the password root's password will also be changed. Is that correct?

What should I do?
0
Comment
Question by:crcevans
7 Comments
 
LVL 40

Accepted Solution

by:
omarfarid earned 125 total points
ID: 22661518
Well creating another user with user id 0 (as root user id) is a lazy way of giving some one root priv. It would be better to use sudo for that purpose. It is not as on or off to have sh as the login shell for root (but you should be aware of security risks in changing it). Regarding home dir, I am not sure if changing the home dir for root in /etc/passwd will cause any problem, but it is simple to create an alias that will change dir when you login and set HOME env. variable for you.
0
 
LVL 14

Expert Comment

by:sjm_ee
ID: 22664412
Q I've noted that if I have another superuser created, whenever I change the password root's password will also be changed. Is that correct?

A No. Separate entries in the shadow password file.
0
 

Author Comment

by:crcevans
ID: 22669044
Omar, do you camp on EE during lunch, or what? You've touched just about all of my Unix questions...lol. Thanks for responding.

"home dir, I am not sure if changing the home dir for root in /etc/passwd will cause any problem, but it is simple to create an alias that will change dir when you login and set HOME env. variable for you."

The reason I want to change the home folder is that sendmail won't use my .forward until the folder it resides in doesn't have group wx permissions, so the alias won't help me. Any other input?
0
Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 40

Expert Comment

by:omarfarid
ID: 22669444
In EE you can set zones to send you mail alerts for new questions, so I keep an eye on my mail box and when ever I get time I open new questions and try to answer :)

But the root home dir does not have wx perm by default for group.

what is the output of

ls -ld /
0
 

Author Comment

by:crcevans
ID: 22669484
drwxrwxr-x  21 root       sys           8192 Oct  1 15:22 /
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 22669732
Why do you need rwx for the group on / dir? If not needed then change it to r-x
0
 
LVL 48

Expert Comment

by:Tintin
ID: 22682467
You can set the root user's home directory to any directory, but it is recommended that the directory is in the root filesystem.
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
AIX Server 10 87
CRON statement to run every 3 minutes except on Monday morning 12am to 2am 7 101
problem creating new luks volume on new VM disk 5 108
Linux hostname change 2 83
Let's say you need to move the data of a file system from one partition to another. This generally involves dismounting the file system, backing it up to tapes, and restoring it to a new partition. You may also copy the file system from one place to…
This tech tip describes how to install the Solaris Operating System from a tape backup that was created using the Solaris flash archive utility. I have used this procedure on the Solaris 8 and 9 OS, and it shoudl also work well on the Solaris 10 rel…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question