Solved

Muiltiple UID 0 - pros/cons and other unix superuser questions

Posted on 2008-10-07
7
679 Views
Last Modified: 2013-12-06
I have seen suggestions that there be two UID 0 users, in case someone tries to log into root too many times and the account gets disabled, or to be able to change the shell and other environment variables while keeping root pristine.

I've also seen suggestions that there should NEVER be another UID 0 user, and that sudo should be used.

At this point I want to be able to log in as a superuser, use ksh, and have a home directory other than /.

I've noted that if I have another superuser created, whenever I change the password root's password will also be changed. Is that correct?

What should I do?
0
Comment
Question by:crcevans
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 40

Accepted Solution

by:
omarfarid earned 125 total points
ID: 22661518
Well creating another user with user id 0 (as root user id) is a lazy way of giving some one root priv. It would be better to use sudo for that purpose. It is not as on or off to have sh as the login shell for root (but you should be aware of security risks in changing it). Regarding home dir, I am not sure if changing the home dir for root in /etc/passwd will cause any problem, but it is simple to create an alias that will change dir when you login and set HOME env. variable for you.
0
 
LVL 14

Expert Comment

by:sjm_ee
ID: 22664412
Q I've noted that if I have another superuser created, whenever I change the password root's password will also be changed. Is that correct?

A No. Separate entries in the shadow password file.
0
 

Author Comment

by:crcevans
ID: 22669044
Omar, do you camp on EE during lunch, or what? You've touched just about all of my Unix questions...lol. Thanks for responding.

"home dir, I am not sure if changing the home dir for root in /etc/passwd will cause any problem, but it is simple to create an alias that will change dir when you login and set HOME env. variable for you."

The reason I want to change the home folder is that sendmail won't use my .forward until the folder it resides in doesn't have group wx permissions, so the alias won't help me. Any other input?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 40

Expert Comment

by:omarfarid
ID: 22669444
In EE you can set zones to send you mail alerts for new questions, so I keep an eye on my mail box and when ever I get time I open new questions and try to answer :)

But the root home dir does not have wx perm by default for group.

what is the output of

ls -ld /
0
 

Author Comment

by:crcevans
ID: 22669484
drwxrwxr-x  21 root       sys           8192 Oct  1 15:22 /
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 22669732
Why do you need rwx for the group on / dir? If not needed then change it to r-x
0
 
LVL 48

Expert Comment

by:Tintin
ID: 22682467
You can set the root user's home directory to any directory, but it is recommended that the directory is in the root filesystem.
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question