Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Root login in Linux - does it make sense?
Special Forums Cybersecurity Root login in Linux - does it make sense? Post 302728083 by Corona688 on Wednesday 7th of November 2012 10:26:19 AM
Old 11-07-2012
I think you've taken my position a little farther than I've meant it. I do login as root on occasion. I just don't allow root to login externally. That's what sudo's for -- it gives you the same thing in a less blunt, more careful way.
Quote:
Originally Posted by bakunin
Still, apart from private usage there is the corporate usage of Linux systems. Administrating up to several hundreds of (maybe virtualized) Linux systems typically involves carrying out one command on several or all systems in parallel. If i want to know which systems have a certain package/version combination installed I'd issue some rpm-command on all systems, for instance, to find out which systems need a certain update.
If you allow 'sudo su -' you might as well allow sudo to do other things since you have zero effective restrictions anyway. I have one sudo-enabled user that I use for administrative things. So you're left with the enormous hassle of 5 extra keystrokes per command.

Granted, I have made that particular user very difficult to get to via anything but ssh keys. The keys themselves are password protected, too. I login once in the morning, ssh-agent, and have access to my servers throughout the day.

Sometimes I'll push a job into root's cron table if I really need to run an awful lot of root commands.
 

9 More Discussions You Might Find Interesting

1. Answers to Frequently Asked Questions

Lost root password / Can't login as root

We have quite a few threads about this subject. I have collected some of them and arranged them by the OS which is primarily discussed in the thread. That is because the exact procedure depends on the OS involved. What's more, since you often need to interact with the boot process, the... (0 Replies)
Discussion started by: Perderabo
0 Replies

2. Linux Benchmarks

Linux Benchmarks Makes No Sense

I created two computers with identical hardware, and run the benchmark programs in both starting at the same exact time. What makes no sense is that the computer that has the lower average index (121) finished the race a good 30 minutes ahead of the computer wich showed the higher avg index... (0 Replies)
Discussion started by: philip_38
0 Replies

3. AIX

Can't login root account due to can't find root shell

Hi, yesterday, I changed root's shell in /etc/passwd, cause a mistake then I can not log in root account (can't find correct shell). I attempted to log in single-mode, however, it prompted for single-mode's password then I type root's password but still can not log in. I'm using AIX 5L version 5.2... (2 Replies)
Discussion started by: neikel
2 Replies

4. High Performance Computing

Rocks clusters make sense for educational environments

08-18-2008 11:00 AM Cluster computing has played a pivotal role in the way research is conducted in educational environments. Because the amount of available money and hardware varies between university researchers, often it's necessary to find a clustering solution that can work well on a small... (0 Replies)
Discussion started by: Linux Bot
0 Replies

5. UNIX for Dummies Questions & Answers

a for loop that doesn't make sense

I've been referring bash info for processes and came across a structure for a process which is defined like typedef struct process { struct process *next; char ** argv . . . }process; What I don't understand is that in the program there's a for loop which goes like this job... (2 Replies)
Discussion started by: sdsd
2 Replies

6. UNIX for Dummies Questions & Answers

trying to make sense of rsync output...

I'm running the following rsync command to sync a directory between the 2 servers: rsync -az --delete --stats /some_dir/ server_name:/some_dir I'm getting the following output: Number of files: 655174 Number of files transferred: 14221 Total file size: 1138531979331 bytes Total... (0 Replies)
Discussion started by: GKnight
0 Replies

7. UNIX for Advanced & Expert Users

sar -d output... does not make sense

Can someone explain the correlation between how sar names the disk drives and how the rest of the OS names the disk drives? sar lists my disk drives as sd0, sd1, sd2, etc..... while format lists my disk drives as c1t0d0, c1t1d0, c1t2d0,etc... And also why sar shows 8 disks but format... (2 Replies)
Discussion started by: s ladd
2 Replies

8. Red Hat

How to make a Password-Less Login from Windows to Linux using OpenSSH?

I installed the OpenSSH on my Windows Machine. I want to connect to the remote Linux machine without typing password. I followed the bellow instructions but the SSH needs password to establish the connection yet. Open CMD and run: ssh-keygen -t rsa (The public and private keys are generated in... (1 Reply)
Discussion started by: manoj.solaris
1 Replies

9. Red Hat

Does it make sense to reduce the total shared memory

We have several dozen Redhat 5, 6 and 7 servers that are running Oracle databases. On some databases we are using automatic memory management, which uses shared memory. On other databases we are use manual memory management, which does not use shared memory. When I see that a server is swapping... (2 Replies)
Discussion started by: gandolf989
2 Replies

LEARN ABOUT SUSE

getcpu

GETCPU(2)						     Linux Programmer's Manual							 GETCPU(2)

NAME

       getcpu - determine CPU and NUMA node on which the calling thread is running

SYNOPSIS

       #include <linux/getcpu.h>

       int getcpu(unsigned *cpu, unsigned *node, struct getcpu_cache *tcache);

DESCRIPTION

       The getcpu() system call identifies the processor and node on which the calling thread or process is currently running and writes them into
       the integers pointed to by the cpu and node arguments.  The processor is a unique small integer identifying a CPU.  The node  is  a  unique
       small identifier identifying a NUMA node.  When either cpu or node is NULL nothing is written to the respective pointer.

       The third argument to this system call is nowadays unused.

       The  information  placed  in  cpu  is  only  guaranteed to be current at the time of the call: unless the CPU affinity has been fixed using
       sched_setaffinity(2), the kernel might change the CPU at any time.  (Normally this does not happen because the scheduler tries to  minimize
       movements  between CPUs to keep caches hot, but it is possible.)  The caller must be prepared to handle the situation when cpu and node are
       no longer the current CPU and node.

VERSIONS

       getcpu() was added in kernel 2.6.19 for x86_64 and i386.

CONFORMING TO

       getcpu() is Linux specific.

NOTES

       Linux makes a best effort to make this call as fast possible.  The intention of getcpu() is to allow programs to  make  optimizations  with
       per-CPU data or for NUMA optimization.

       Glibc does not provide a wrapper for this system call; call it using syscall(2); or use sched_getcpu(3) instead.

       The  tcache  argument  is  unused  since Linux 2.6.24.  In earlier kernels, if this argument was non-NULL, then it specified a pointer to a
       caller-allocated buffer in thread-local storage that was used to provide a caching mechanism for getcpu().  Use of the  cache  could  speed
       getcpu()  calls,  at the cost that there was a very small chance that the returned information would be out of date.  The caching mechanism
       was considered to cause problems when migrating threads between CPUs, and so the argument is now ignored.

SEE ALSO

       mbind(2), sched_setaffinity(2), set_mempolicy(2), sched_getcpu(3), cpuset(7)

COLOPHON

       This page is part of release 3.25 of the Linux man-pages project.  A description of the project, and information about reporting bugs,  can
       be found at http://www.kernel.org/doc/man-pages/.

Linux								    2008-06-03								 GETCPU(2)
All times are GMT -4. The time now is 07:26 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy