Equivalent uid to root


 
Thread Tools Search this Thread
Operating Systems AIX Equivalent uid to root
# 1  
Old 01-15-2013
Equivalent uid to root

Hi all
I have a strange problem on one my my AIX machines. We have created a user called testroot with the same UID as root (uid=0) by changing the uid of that user in the /etc/passwd file. I know that this is a security breach but this is a test system.
Now the strange thing that happens is that when i run
Code:
su -

to get the root prompt and then run
Code:
id

the command says that the id of the current user is testroot and NOT root, although having a uid of 0.
Strange enough, when i try to do some root tasks with that user like changing the password of another user on a HACMP cluster i am faced with an error message that only root can do this.
To my surprise, now even if i log on to the system with username root and the root password and run
Code:
id

it says that i am logged in as testroot!
Of course the only solution to this problem was to change the uid of that user to something else to regain my root privileges.
But still this is a very weird problem. Does anybody have a clue why this behavior occurs?
Thanks a lot in advance
# 2  
Old 01-15-2013
It should depend on the order the users are in the passwd file.

Code:
# head -2 /etc/passwd
root:x:0:0:root:/root:/bin/bash
postgres:x:0:4003:Postgres owner:/home/postgres:/bin/bash
 
# id
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk)
 
(change order in passwd file...)
 
# head -2 /etc/passwd
postgres:x:0:4003:Postgres owner:/home/postgres:/bin/bash
root:x:0:0:root:/root:/bin/bash
 
# su -
# id
uid=0(postgres) gid=4003(postgres) groups=4003(postgres)

# 3  
Old 01-15-2013
Thanks Scott.. I've already checked that. Actually the first entry in the passwd file is root and testroot is way near the end of the file.
# 4  
Old 01-15-2013
The user accounting in AIX is a bit more complicated than you seem to assume: there is not only "/etc/passwd" but also "/etc/security/passwd", similar for groups. In addition some information might be stored in the ODM. You have to change these files and make sure their contents match somehow, otherwise inconsistencies can be expected.

Without complete information i am left to guesses, but first i would check this and make sure the user database is consistent with itself.

The problem about "only root can do that" is probably caused by sloppy programming: usually the system uses numeric UIDs and these are only translated to names via consulting "/etc/passwd" for human convenience (quite like IP addresses are translated via "/etc/passwd"). Some utility might, instead of sticking to this convention, use user names instead of IDs though.

I hope this helps.

bakunin
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. SuSE

Non root user want to see /var/log/messages - any suse equivalent of Solaris dmesg

Hi New to Suse - mainly used Solaris. In solaris dmesg will also show you contents of messages log file but in Suse Liux it doesnt appear to. I dont have root access to this Suse server, and wondering is there any other tool / utility that allows me to see the messages file contents like on... (1 Reply)
Discussion started by: frustrated1
1 Replies

2. Shell Programming and Scripting

Find users with root UID or GID or root home

I need to list users in /etc/passwd with root's GID or UID or /root as home directory If we have these entries in /etc/passwd root:x:0:0:root:/root:/bin/bash rootgooduser1:x:100:100::/home/gooduser1:/bin/bash baduser1:x:0:300::/home/baduser1:/bin/bash... (6 Replies)
Discussion started by: anil510
6 Replies

3. Solaris

New root account with Different UID number

Hi Unix Gurus . I have requirement where in which - I would like create duplicate root equivalent account with all the privileges equal to root. Is it possible to create this duplicate account with different UID. ? this id i would like give it to my teams - who does multiple activities using... (2 Replies)
Discussion started by: johnavery50
2 Replies

4. Solaris

Migration of system having UFS root FS with zones root to ZFS root FS

Hi All After downloading ZFS documentation from oracle site, I am able to successfully migrate UFS root FS without zones to ZFS root FS. But in case of UFS root file system with zones , I am successfully able to migrate global zone to zfs root file system but zone are still in UFS root file... (2 Replies)
Discussion started by: sb200
2 Replies

5. AIX

More than 1 UID 0

Hi, Can any one please tell what are the risks of having more than one users having UID 0 (root)? Thanks Naveed (9 Replies)
Discussion started by: naveedaix
9 Replies

6. UNIX for Dummies Questions & Answers

Duplicated UID

Hi folks! I need you help to discover what's the impact of a duplicated UID in an operating system. What's the meaning when someone put in different users the same UID? (3 Replies)
Discussion started by: phcostabh
3 Replies

7. Shell Programming and Scripting

UId

is tty command opens a process in the system if yes then why process got the userid????? (5 Replies)
Discussion started by: Mac91
5 Replies

8. UNIX for Advanced & Expert Users

Setuid Program with (-rwsr-sr-x 1 root other ) UID/EUID issue

Hi, I have a program with the following suid setup -rwsr-sr-x 1 root other 653 Aug 16 17:00 restart_server It basically starts up a service that has to be started by root. I just want the normal users to be able to restart the service using the script above. But when the... (7 Replies)
Discussion started by: 0ktalmagik
7 Replies

9. UNIX for Dummies Questions & Answers

Run non-root script as root with non-root environment

All, I want to run a non-root script as the root user with non-root environment variables with crontab. The non-root user would have environment variables for database access such as Oracle or Sybase. The root user does not have the Oracle or Sybase enviroment variables. I thought you could do... (2 Replies)
Discussion started by: bubba112557
2 Replies

10. UNIX for Advanced & Expert Users

Hw to create root-equivalent accounts?

Hi all. After installing ssh on a server, i'd like to create a user with root privileges. My problem is that after creating a user rootssh (uid=0, gid=20, /home/rootshh), i make rootssh's ssh keys. The problem is that normally the ssh-keygen should create the keys under $HOME/.ssh/, and actually... (6 Replies)
Discussion started by: penguin-friend
6 Replies
Login or Register to Ask a Question