04-10-2008
Thanks era, I will look into it.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Greetings, forgive me if this is listed in another thread somewhere, I am short on time.
I am being interviewed for the position of UNIX Database and Job code installer for a consulting firm. I have never installed or worked on a native UNIX system. I have been running Linux (RH,SuSE,Slackware)... (3 Replies)
Discussion started by: OllieTech
3 Replies
2. UNIX for Dummies Questions & Answers
Is it common in the Unix/Linux environment to install compute intensive applications on a Server system and have the client machines download the executables into memory at runtime to run locally? This model seems taxing to the network, and as I understand, has been largely abandoned in the... (1 Reply)
Discussion started by: jonwillog
1 Replies
3. Shell Programming and Scripting
Hi all, working on script to create a user acct on all our servers.
for i in `cat $host_file`; do
ssh $i /usr/bin/sudo /usr/bin/mkuser id='bpadm' gecos='NetBackup Admin' 2>&1 >> $log
done
error i get is: 3004-692 Error changing "id" to "bpadm" : Value is invalid.
I have tried this in... (1 Reply)
Discussion started by: dnidiffer
1 Replies
4. AIX
Hi all
I'm newbie
In this forum, i have posted some topics about zip and unzip a file on AIX system.
And i have some answers so that AIX can not work with zip file, and they tell me some files to zip and unzip my files on AIX such as:
zip-2.3-3.aix4.3.ppc.rpm
unzip-5.51-1.aix5.1.ppc.rpm... (2 Replies)
Discussion started by: leenguyen0101
2 Replies
5. Shell Programming and Scripting
Hi all
I am running a major script of my application in development for implementing code changes for process improvement in time. The script runs in production once in a month . It takes 8 hours 30 mins in Production server . what surprice me is , when I run the same script in development server... (9 Replies)
Discussion started by: sakthifire
9 Replies
6. Shell Programming and Scripting
I wants to create 3 users and set password for the users in 400 servers. I can run this script without error. If wants to set the password in the same command it is not working. Like that i have to create 3 users
#!/usr/bin/ksh
for server in `cat /tmp/servers`
do
echo "servername =... (5 Replies)
Discussion started by: G0kulakrishnan
5 Replies
7. Shell Programming and Scripting
Hi Y'all,
I need help adding 30 users to 50 servers.
Is there a way to automate this?
I'm using this command:
sudo mkuser pgrp=srvadm gecos=Spears, Brittney auditclasses=ALL sugroups=system,security user01
But I'm doing it per user, per server...HOW CAN I MAKE THIS EASIER?... (7 Replies)
Discussion started by: jennie28n
7 Replies
8. Shell Programming and Scripting
Hi Team,
Hope you are doing good.I am new to scripting.I have a requirement of deleting around 10 users in 100 servers.It is very time consuming by logging into each servers and delete the user.Here I have redhat 6 ,Suse linux 10&11 environment servers.
In one set of servers I have... (5 Replies)
Discussion started by: muraliinfy04
5 Replies
9. HP-UX
Hi,
This weekend there was a sudden application crash in the server.
I did not know where to start to investigate the problem, so I first looked into the /var/adm/syslog/syslog.log, and this was what I found :
Dec 17 00:38:02 L28bi01 sshd: error: accept: No buffer space available
Dec 17... (9 Replies)
Discussion started by: anaigini45
9 Replies
LEARN ABOUT LINUX
sudo_root
sudo_root(8) System Manager's Manual sudo_root(8)
NAME
sudo_root - How to run administrative commands
SYNOPSIS
sudo command
sudo -i
INTRODUCTION
By default, the password for the user "root" (the system administrator) is locked. This means you cannot login as root or use su. Instead,
the installer will set up sudo to allow the user that is created during install to run all administrative commands.
This means that in the terminal you can use sudo for commands that require root privileges. All programs in the menu will use a graphical
sudo to prompt for a password. When sudo asks for a password, it needs your password, this means that a root password is not needed.
To run a command which requires root privileges in a terminal, simply prepend sudo in front of it. To get an interactive root shell, use
sudo -i.
ALLOWING OTHER USERS TO RUN SUDO
By default, only the user who installed the system is permitted to run sudo. To add more administrators, i. e. users who can run sudo, you
have to add these users to the group 'admin' by doing one of the following steps:
* In a shell, do
sudo adduser username admin
* Use the graphical "Users & Groups" program in the "System settings" menu to add the new user to the admin group.
BENEFITS OF USING SUDO
The benefits of leaving root disabled by default include the following:
* Users do not have to remember an extra password, which they are likely to forget.
* The installer is able to ask fewer questions.
* It avoids the "I can do anything" interactive login by default - you will be prompted for a password before major changes can happen,
which should make you think about the consequences of what you are doing.
* Sudo adds a log entry of the command(s) run (in /var/log/auth.log).
* Every attacker trying to brute-force their way into your box will know it has an account named root and will try that first. What they do
not know is what the usernames of your other users are.
* Allows easy transfer for admin rights, in a short term or long term period, by adding and removing users from the admin group, while not
compromising the root account.
* sudo can be set up with a much more fine-grained security policy.
* On systems with more than one administrator using sudo avoids sharing a password amongst them.
DOWNSIDES OF USING SUDO
Although for desktops the benefits of using sudo are great, there are possible issues which need to be noted:
* Redirecting the output of commands run with sudo can be confusing at first. For instance consider
sudo ls > /root/somefile
will not work since it is the shell that tries to write to that file. You can use
ls | sudo tee /root/somefile
to get the behaviour you want.
* In a lot of office environments the ONLY local user on a system is root. All other users are imported using NSS techniques such as
nss-ldap. To setup a workstation, or fix it, in the case of a network failure where nss-ldap is broken, root is required. This tends to
leave the system unusable. An extra local user, or an enabled root password is needed here.
GOING BACK TO A TRADITIONAL ROOT ACCOUNT
This is not recommended!
To enable the root account (i.e. set a password) use:
sudo passwd root
Afterwards, edit the sudo configuration with sudo visudo and comment out the line
%admin ALL=(ALL) ALL
to disable sudo access to members of the admin group.
SEE ALSO
sudo(8), https://wiki.ubuntu.com/RootSudo
February 8, 2006 sudo_root(8)