02-18-2008
No root access, no management
To my opinion you cannot manage a box without root access. So I have root access to all boxes I'm responsible for, both AIX (approx. 25), physical RHEL (approx. 80) and virtual (vm) RHEL (approx 120).
We are using both sudo (no direct root access) and direct root access. We are moving away from direct root access and moving towards sudo root access. Although I'm not convinced that this is safer, I'm very much in favor of this method.
8 More Discussions You Might Find Interesting
1. Linux
wish to know how to access root password it root password is forgotten in linux (1 Reply)
Discussion started by: wojtyla
1 Replies
2. SCO
We have SCO 5.0.5 and can't log into system as "root". The system indicates the password is incorrect. No one knows what happened.
How can we resolve this issue.. Are there files we can restore from backup...?
Any suggestions would be appreciated.
Thank you.. (2 Replies)
Discussion started by: RBurer
2 Replies
3. Filesystems, Disks and Memory
Hello Moto
I hope someone can help
We's here at work, have a unix box with sco openserver 5 on it, so it has a nice gui interface.. and also a fair few windows computers..
a system admin guy b4 me, has set up a user called neil, which can, when u try to access the unix box using windows... (2 Replies)
Discussion started by: haggo
2 Replies
4. AIX
Hello
I have a question.
I have a box with Aix 5.3 but I want to disable root access direct from any terminal or console. I mean If I want to login to 10.10.10.10
login:root
password *********
Root access is not permited
Which file I have to edit. to the users first login with... (4 Replies)
Discussion started by: lo-lp-kl
4 Replies
5. UNIX for Dummies Questions & Answers
hi
i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help
Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies
6. Shell Programming and Scripting
Currently in my system Red Hat is installed. And Many user connect to my machine via SSH Techia Terminal.
I want to give some users a root level access.
Can anyone please help me how to make it possible. I too searched on the Google but didn't find the correct way
Regards
ADI (4 Replies)
Discussion started by: adisky123
4 Replies
7. SuSE
I access over 100 SUSE SLES servers as root from my admin server, via ssh sessions using ssh keys, so I don't have to enter a password. My SUSE Admin server is setup in the following manner:
1) Remote root access is turned off in the sshd_config file.
2) I am the only user of this admin... (6 Replies)
Discussion started by: dvbell
6 Replies
8. Ubuntu
We are having a little problem on a server. We want that some users should be able to do e.g. sudo and become root, but with the restriction that the user can't change root password. That is, a guarantee that we still can login to that server and become root no matter of what the other users will... (2 Replies)
Discussion started by: 244an
2 Replies
chroot(2) System Calls Manual chroot(2)
NAME
chroot() - change root directory
SYNOPSIS
DESCRIPTION
causes the named directory to become the root directory, the starting point for path searches for path names beginning with path points to
a path name naming a directory. The user's working directory is unaffected by the system call.
The entry in the root directory is interpreted to mean the root directory itself. Thus, cannot be used to access files outside the subtree
rooted at the root directory.
Security Restrictions
The effective user ID of the process must be a user with the privilege to change the root directory.
See privileges(5) for more information about privileged access on systems that support fine-grained privileges.
RETURN VALUE
returns the following values:
Successful completion.
Failure.
is set to indicate the error.
ERRORS
fails and the root directory remains unchanged if one or more of the following is true:
Any component of the path name is not a directory.
The named directory does not exist or a component of the
path does not exist.
The effective user
ID is not a user who has the privilege.
path points outside the allocated address space of the process. The reliable detection of this error is implementation
dependent.
The length of the specified path name exceeds
bytes, or the length of a component of the path name exceeds bytes while is in effect.
Too many symbolic links were encountered in translating the path
name.
WARNINGS
Obsolescent Interfaces
is to be obsoleted at a future date.
SEE ALSO
chroot(1M), chdir(2), privileges(5).
STANDARDS CONFORMANCE
TO BE OBSOLETED chroot(2)