|
|
|
|
|||||||
| Forums | Portal | Register | Forum Rules | FAQ | Contribute | Members List | Arcade | Search | Today's Posts | Mark Forums Read |
| UNIX for Advanced & Expert Users Advanced UNIX and Linux questions go here. Expert-to-Expert. |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Prevent users logging in as root | Sepia | SUN Solaris | 3 | 06-05-2008 10:45 AM |
| What change in freeBSD OS to allow root logging using ssh? | 100days | UNIX for Advanced & Expert Users | 5 | 01-19-2006 04:39 PM |
| how to access root priveliges if root password is lost | wojtyla | Linux | 1 | 02-18-2005 03:24 AM |
| Run non-root script as root with non-root environment | bubba112557 | UNIX for Dummies Questions & Answers | 2 | 12-02-2004 09:39 PM |
| Logging in as root on SuSE 9.1 | CTroxtell21 | Linux | 10 | 11-10-2004 11:19 PM |
 |
|
|
Submit Tools | LinkBack | Thread Tools | Search this Thread | Display Modes |
|
#1
03-08-2002
|
|||
|
|||
|
Logging in and then su to root
We have several people that log in using root. What I need to do is have everyone to log in using there own account then su to root. How would I do this. We have aix 4.2
|
| Forum Sponsor | ||
|
|
|
#2
03-08-2002
|
||||
|
||||
|
Cant understand your question...
Quote:
|
|
#4
03-08-2002
|
||||
|
||||
|
First of all the su command can/must be used by previeleged users ie. root. Frequent change of password must be done to obtain maximum security between the server site and client side.
one way to do it is to add a script to either /etc/profile or the particular user's .profile that tests to restrict the user. Something like this in /etc/profile will work: IAM=`who am i | cut -d" " -f1` COUNT=`w | cut -d" " -f1 | grep "^$IAM$" | wc -l` [ $COUNT -gt 1 ] && exit 0 Not sure whther that command works or not but one thing for suggestion. Do not disable the password. Changing the password will do (just an advise). In case of problem then your user might face some problem. |
|
#5
03-08-2002
|
||||
|
||||
|
Wait, your first post says that people are curretly logging in as root, and that you want them to log in as themselves and use su to get root.
Your second post says that you don't want them using su. I'm lost. OK... lets see... If you don't want people to log directly in as root, edit the /etc/securetty file (different for some versions of Unix - post back with which Unix you're using, and we can help you). If you want to limit the people who can use su, you could change the group on it to something else (wheel is very common), and remove the rights for everyone else, so that only those in the wheel group can execute the su command. su does not have to be run by a priveleged user, but it's a good idea to limit those who can use it to prevent abuse and brute force attempts. If you don't want su either, look into sudo. It gives you the ability to limit what users can execute which commands as superuser. If none of these satisfy your question, please post back with exactly what you need. |
|
#6
03-08-2002
|
||||
|
||||
|
Here's a link that may help.
It gives you a "checklist" of things to look for and possibly correct. http://www.cop.vt.edu/unix/aix.security.html |
||||
| Google The UNIX and Linux Forums |
Linear Mode
