01-04-2008
No, it's an artifact of your deployment. I'm assuming NIS & NFS. The developers don't need to add local uids for them to su if the pertinent filesystems and credentials are available. I can think (quickly) of only one way to deal with the issue and that is by implementing netgroups (man -k netgroup).
Developers having local root access is an insupportable security practice imho. Perhaps a well designed sudo implementation is in order.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi
How can I prevent anyone from logging in as root directly? I have added the line
console=/dev/null
to the file /etc/default/login
I was still able to login as root from the console. Please advice.
Thanks
Srini (4 Replies)
Discussion started by: skotapal
4 Replies
2. UNIX for Dummies Questions & Answers
How to prevent root users from editing files (logs)? Is there any way? (4 Replies)
Discussion started by: vehchi
4 Replies
3. Solaris
I would like to know how to prevent users connecting to a server using SSH as root.
I would still like them to be able to login with their username and then change to su.
But I would like to prevent them logging in directly as root.
I have searched the forum and read that I should set... (3 Replies)
Discussion started by: Sepia
3 Replies
4. Red Hat
Hello everybody, we have a NIS User lsfadmin which gets his environment variables from the autmount /home/lsfadmin.
A newer version of the application needs a different environment to launch the application.
I can't change the environment of the NIS User because we use NIS company wide for... (0 Replies)
Discussion started by: sdohn
0 Replies
5. Shell Programming and Scripting
Hi Gurus,
I have a script that requires me to switch from local user to root. Anyone who has an idea on this since when i switch user to root it requires me to input root password.
It seems that i need to use expect module here, but i don't know how to create the object for this.
... (1 Reply)
Discussion started by: linuxgeek
1 Replies
6. UNIX for Advanced & Expert Users
Hi all,
My need is :
1. To know who , when , which command used.
2. Local user should not delete this information.
I mean , with an example , i can say
i have a user user1
i need to give all the following permissions to user1, :
a. A specific directory other than his home... (3 Replies)
Discussion started by: linuxadmin
3 Replies
7. UNIX for Dummies Questions & Answers
I have root access on a linux (RH5.4) server within an NIS setup that I don't control. I have an NIS account that creates directories on my local node that I want to be writable by my local apache account.
The NIS account is only a member of the "users" group and the local apache account is... (1 Reply)
Discussion started by: clindseysmith
1 Replies
8. UNIX for Dummies Questions & Answers
Hi all,
My need is :
1. To know who , when , which command used.
2. Local user should not delete this information.
I mean , with an example , i can say
i have a user user1
i need to give all the following permissions to user1, :
a. A specific directory other than his home... (1 Reply)
Discussion started by: sriky86
1 Replies
9. Red Hat
Hi,
I have three servers,For 3 servers how i can take output,all the local accounts and details of whether the access is Root or User access.
cheers (1 Reply)
Discussion started by: ranjithm
1 Replies
10. Shell Programming and Scripting
Hi,
I need to switch from local user to root user in a shell script.
I need to make it automated so that it doesn't prompt for the root password.
I heard the su command will do that work but it prompt for the password.
and also can someone tell me whether su command spawns a new shell or... (1 Reply)
Discussion started by: Little
1 Replies
LEARN ABOUT SUSE
revnetgroup
REVNETGROUP(8) NIS Reference Manual REVNETGROUP(8)
NAME
revnetgroup - generate reverse netgroup data
SYNOPSIS
/usr/lib/yp/revnetgroup [-u | -h]
DESCRIPTION
Revnetgroup processes the standard input in netgroup(5) format into what is called reverse netgroup form. That is, where the original file
shows netgroup memberships in terms of which members reside in a particular group, the reverse netgroup format specifies what groups are
associated with a particular member. This information is used to generate the netgroup.byuser and netgroup.byhosts NIS maps. These reverse
netgroup maps are used to help speed up netgroup lookups, particularly for the innetgr() library function.
The revnetgroup command prints its results on the standard output. It is usually called only by /var/yp/Makefile when rebuilding the NIS
netgroup maps.
OPTIONS
-u
Generate netgroup.byuser output; only username information in the original netgroup file is processed.
-h
Generate netgroup.byhost output; only hostname information in the original netgroup file is processed.
FILES
/var/yp/Makefile
The Makefile to build the NIS databases.
/etc/netgroup
The default netgroup database file. This file is most often found only on the NIS master server.
SEE ALSO
getnetgrent(3), netgroup(5),
AUTHOR
revnetgroup was written by Thorsten Kukuk <kukuk@linux-nis.org>.
NIS Reference Manual 09/26/2007 REVNETGROUP(8)