Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Too many users with root password
Special Forums UNIX Desktop Questions & Answers Too many users with root password Post 302362676 by frank_rizzo on Friday 16th of October 2009 09:56:29 PM
Old 10-16-2009
if the people with root access cannot be trusted then the removal of the su log is the least of your worries.

but... one thing you could do is setup a remote syslog server with limited access and configure all of the UNIX clients to log to that server. This would prevent the logs from being tampered with. Make sure the same people with root cannot access that server. This would only be part of the solution but might prove very useful.
 

10 More Discussions You Might Find Interesting

1. Answers to Frequently Asked Questions

Lost root password / Can't login as root

We have quite a few threads about this subject. I have collected some of them and arranged them by the OS which is primarily discussed in the thread. That is because the exact procedure depends on the OS involved. What's more, since you often need to interact with the boot process, the... (0 Replies)
Discussion started by: Perderabo
0 Replies

2. Linux

how to access root priveliges if root password is lost

wish to know how to access root password it root password is forgotten in linux (1 Reply)
Discussion started by: wojtyla
1 Replies

3. UNIX for Dummies Questions & Answers

I need it to prompt me for a root password, so I don't have to log as root

Hi folks, I'm trying to install a program, and I want to place some of the executables into /usr/bin so that they can be executed from any folder on the computer. I've been giveng the root password, but told never to log in directly as root. Instead, I can wait for a password prompt. However, I... (2 Replies)
Discussion started by: lunchtime
2 Replies

4. UNIX for Dummies Questions & Answers

tracking root users

Hi everyone hope you can help me i have 5 root users and the problem with that is how can you see witch root user did what on the box how can you track the users that played on the servers. 1) What commands they typed (in linux you get history ) 2) From witch ip did they connect to the server (3 Replies)
Discussion started by: sucram
3 Replies

5. Shell Programming and Scripting

how to change root password using shell script with standard password

Hi Friends. I am new to scripting now i want to change the root password using the script with standard password. which is the easy scripting to learn for the beginner, Thanks in advance. (2 Replies)
Discussion started by: kurva
2 Replies

6. Solaris

Solaris 8 - Asks for current root password when trying to change root password.

Hello All, I have several solaris boxes running Solaris 8. When changing root passwords on them, all will simply ask for the new root password to change and of course to re-type the new password. One of the systems however asks for the existing root password before it will display the new password... (8 Replies)
Discussion started by: tferrazz
8 Replies

7. Solaris

Lost Root Password on VXVM Encapsulated Root Disk

Hi All Hope it's okay to post on this sub-forum, couldn't find a better place I've got a 480R running solaris 8 with veritas volume manager managing all filesystems, including an encapsulated root disk (I believe the root disk is encapsulated as one of the root mirror disks has an entry under... (1 Reply)
Discussion started by: sunnyd76
1 Replies

8. Shell Programming and Scripting

Find users with root UID or GID or root home

I need to list users in /etc/passwd with root's GID or UID or /root as home directory If we have these entries in /etc/passwd root:x:0:0:root:/root:/bin/bash rootgooduser1:x:100:100::/home/gooduser1:/bin/bash baduser1:x:0:300::/home/baduser1:/bin/bash... (6 Replies)
Discussion started by: anil510
6 Replies

9. Ubuntu

Root access that can't change root password?

We are having a little problem on a server. We want that some users should be able to do e.g. sudo and become root, but with the restriction that the user can't change root password. That is, a guarantee that we still can login to that server and become root no matter of what the other users will... (2 Replies)
Discussion started by: 244an
2 Replies

10. UNIX for Beginners Questions & Answers

Can a root role change the root password in Solaris 10?

i do not have root on a solairs 10 server , however i do have the root role, i was wondering if I can change the root password as a a role with the passwd command? I have not tried yet. and do i have to use the # chgkey -p afterwards? i need to patch is why i am asking. thanks (1 Reply)
Discussion started by: goya
1 Replies

LEARN ABOUT NETBSD

rump_sp

RUMP_SP(7)					       BSD Miscellaneous Information Manual						RUMP_SP(7)

NAME

     rump_sp -- rump remote system call support

DESCRIPTION

     The rump_sp facility allows clients to attach to a rump kernel server over a socket and perform system calls.  While making a local rump sys-
     tem call is faster than calling the host kernel, a remote system call over a socket is slower.  This facility is therefore meant mostly for
     operations which are not performance critical, such as configuration of a rump kernel server.

   Clients
     The NetBSD base system comes with multiple preinstalled clients which can be used to configure a rump kernel and request diagnostic informa-
     tion.  These clients run as hybrids partially in the host system and partially against the rump kernel.  For example, network-related clients
     will typically avoid making any file system related system calls against the rump kernel, since it is not guaranteed that a rump network
     server has file system support.  Another example is DNS: since a rump server very rarely has a DNS service configured, host networking is
     used to do DNS lookups.

     Some examples of clients include rump.ifconfig which configures interfaces, rump.sysctl which is used to access the sysctl(7) namespace and
     rump.traceroute which is used to display a network trace starting from the rump kernel.

     Also, almost any unmodified dynamically linked application (for example telnet(1) or ls(1)) can be used as a rump kernel client with the help
     of system call hijacking.	See rumphijack(3) for more information.

   Connecting to the server
     A remote rump server is specified using an URL.  Currently two types of URLs are supported: TCP and local domain sockets.	The TCP URL is of
     the format tcp://ip.address:port/ and the local domain URL is unix://path.  The latter can accept relative or absolute paths.  Note that
     absolute paths require three leading slashes.

     To preserve the standard usage of the rump clients' counterparts the environment variable RUMP_SERVER is used to specify the server URL.  To
     keep track of which rump kernel the current shell is using, modifying the shell prompt is recommended -- this is analoguous to the visual
     clue you have when you login from one machine to another.

   Client credentials and access control
     The current scheme gives all connecting clients root credentials.	It is recommended to take precautions which prevent unauthorized access.
     For a unix domain socket it is enough to prevent access to the socket using file system permissions.  For TCP/IP sockets the only available
     means is to prevent network access to the socket with the use of firewalls.  More fine-grained access control based on cryptographic creden-
     tials may be implemented at a future date.

EXAMPLES

     Get a list of file systems supported by a rump kernel server (in case that particular server does not support file systems, an error will be
     returned):

	   $ env RUMP_SERVER=unix://sock rump.sysctl vfs.generic.fstypes

SEE ALSO

     rump_server(1), rump(3), rumpclient(3), rumphijack(3)

HISTORY

     rump_sp first appeared in NetBSD 6.0.

BSD
								 February 7, 2011							       BSD
All times are GMT -4. The time now is 08:40 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy