Sponsored Content
Full Discussion: su to root
Operating Systems HP-UX su to root Post 95566 by isingh786 on Thursday 12th of January 2006 11:36:42 AM
Old 01-12-2006
Hi,

Thanks for your prompty reply.

I checked for securetty file under /etc. I don't have any. So I just created a new file named securetty under /etc/ and added console in that. Now I cannot login directly as root. But I can do su - to root which is what I wanted.

Following are the contents of my /etc/securetty file:

console

I just wanted to make sure with you that I did the right thing and I can still login directly from console.

And in your post you mentioned about excluding the /dev/console . How I can do that.

This is mentioned in "man login". Basicly just put "console" in /etc/securetty. Then except for /dev/console, root cannot login.

TIA,
Inder
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Run non-root script as root with non-root environment

All, I want to run a non-root script as the root user with non-root environment variables with crontab. The non-root user would have environment variables for database access such as Oracle or Sybase. The root user does not have the Oracle or Sybase enviroment variables. I thought you could do... (2 Replies)
Discussion started by: bubba112557
2 Replies

2. UNIX for Dummies Questions & Answers

I need it to prompt me for a root password, so I don't have to log as root

Hi folks, I'm trying to install a program, and I want to place some of the executables into /usr/bin so that they can be executed from any folder on the computer. I've been giveng the root password, but told never to log in directly as root. Instead, I can wait for a password prompt. However, I... (2 Replies)
Discussion started by: lunchtime
2 Replies

3. AIX

Can't login root account due to can't find root shell

Hi, yesterday, I changed root's shell in /etc/passwd, cause a mistake then I can not log in root account (can't find correct shell). I attempted to log in single-mode, however, it prompted for single-mode's password then I type root's password but still can not log in. I'm using AIX 5L version 5.2... (2 Replies)
Discussion started by: neikel
2 Replies

4. UNIX for Dummies Questions & Answers

How to allow access to some commands having root privleges to be run bu non root user

hi i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies

5. Solaris

Lost Root Password on VXVM Encapsulated Root Disk

Hi All Hope it's okay to post on this sub-forum, couldn't find a better place I've got a 480R running solaris 8 with veritas volume manager managing all filesystems, including an encapsulated root disk (I believe the root disk is encapsulated as one of the root mirror disks has an entry under... (1 Reply)
Discussion started by: sunnyd76
1 Replies

6. Solaris

Migration of system having UFS root FS with zones root to ZFS root FS

Hi All After downloading ZFS documentation from oracle site, I am able to successfully migrate UFS root FS without zones to ZFS root FS. But in case of UFS root file system with zones , I am successfully able to migrate global zone to zfs root file system but zone are still in UFS root file... (2 Replies)
Discussion started by: sb200
2 Replies

7. SuSE

Auditors want more security with root to root access via ssh keys

I access over 100 SUSE SLES servers as root from my admin server, via ssh sessions using ssh keys, so I don't have to enter a password. My SUSE Admin server is setup in the following manner: 1) Remote root access is turned off in the sshd_config file. 2) I am the only user of this admin... (6 Replies)
Discussion started by: dvbell
6 Replies

8. Shell Programming and Scripting

Find users with root UID or GID or root home

I need to list users in /etc/passwd with root's GID or UID or /root as home directory If we have these entries in /etc/passwd root:x:0:0:root:/root:/bin/bash rootgooduser1:x:100:100::/home/gooduser1:/bin/bash baduser1:x:0:300::/home/baduser1:/bin/bash... (6 Replies)
Discussion started by: anil510
6 Replies

9. UNIX for Dummies Questions & Answers

Can you gain root privileges if the suid program does not belong to root?

I had a question in my test which asked where suppose user B has a program with 's' bit set. Can user A run this program and gain root privileges in any way? I suppose not as the suid program run with privileges of owner and this program will run with B's privileges and not root. (1 Reply)
Discussion started by: syncmaster
1 Replies

10. UNIX for Beginners Questions & Answers

Can a root role change the root password in Solaris 10?

i do not have root on a solairs 10 server , however i do have the root role, i was wondering if I can change the root password as a a role with the passwd command? I have not tried yet. and do i have to use the # chgkey -p afterwards? i need to patch is why i am asking. thanks (1 Reply)
Discussion started by: goya
1 Replies
PAM_SECURETTY(8)						 Linux-PAM Manual						  PAM_SECURETTY(8)

NAME
pam_securetty - Limit root login to special devices SYNOPSIS
pam_securetty.so [debug] DESCRIPTION
pam_securetty is a PAM module that allows root logins only if the user is logging in on a "secure" tty, as defined by the listing in /etc/securetty. pam_securetty also checks to make sure that /etc/securetty is a plain file and not world writable. This module has no effect on non-root users and requires that the application fills in the PAM_TTY item correctly. For canonical usage, should be listed as a required authentication method before any sufficient authentication methods. OPTIONS
debug Print debug information. MODULE TYPES PROVIDED
Only the auth module type is provided. RETURN VALUES
PAM_SUCCESS The user is allowed to continue authentication. Either the user is not root, or the root user is trying to log in on an acceptable device. PAM_AUTH_ERR Authentication is rejected. Either root is attempting to log in via an unacceptable device, or the /etc/securetty file is world writable or not a normal file. PAM_INCOMPLETE An application error occurred. pam_securetty was not able to get information it required from the application that called it. PAM_SERVICE_ERR An error occurred while the module was determining the user's name or tty, or the module could not open /etc/securetty. PAM_USER_UNKNOWN The module could not find the user name in the /etc/passwd file to verify whether the user had a UID of 0. Therefore, the results of running this module are ignored. EXAMPLES
auth required pam_securetty.so auth required pam_unix.so SEE ALSO
securetty(5), pam.conf(5), pam.d(5), pam(7) AUTHOR
pam_securetty was written by Elliot Lee <sopwith@cuc.edu>. Linux-PAM Manual 06/04/2011 PAM_SECURETTY(8)
All times are GMT -4. The time now is 07:08 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy