Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Cronjob for root password change.
Top Forums Shell Programming and Scripting Cronjob for root password change. Post 302903735 by rbatte1 on Thursday 29th of May 2014 09:19:21 AM
Old 05-29-2014
I would never give the application team access.

If you hand over access to root then you have no idea what they could insert. Consider that they put on a service for a port that they choose and have it run the Korn shell. From any other server, a simple telnet to that port will fire up a Korn shell and give them root access again.

There are a myriad of other possibilities too. You need to turn this completely around.

Find out:-
  • What they need to do
  • Why they think they must have root access
I would bet that they can't, but it's just convenient. I f you feel you really have to, use sudo to grant them the minimum privilege to do their work and if you have concerns that they could escape to a shell or set a script to SUID etc., then keep them away from it.

Even something as critical as creating an Oracle database does not need the DBA to have root authority. True, someone has to install the software and allocate disk space etc. but that is your job.

Perhaps have them tell you what to do and you drive the process if you are happy with it.


If you have a really great car and you give them the key, what's to stop them copying the key and borrowing it when you're not looking and getting you speeding points or just wrecking it and running away?

Would you give them the password and trust them to make an update on your on-line bank account without stealing the cash?



Be honest with yourself. If they mess it up, who is in the firing line?


Just my opinion.

Robin
 

9 More Discussions You Might Find Interesting

1. HP-UX

How to change root password on HP UX

Hello, I try to make a change on the root password on HP UX. I use sam but it didn't work here. I try to login as root but I failed however, I login to my name and then change to su and su password then it is o.k There is not much different from root and su but how do we use root? Thanks so... (4 Replies)
Discussion started by: mle06
4 Replies

2. Solaris

change root password

Hi, please advise me what is the simplest way to change root password on Sun Sparc 64 bit with Solaris 9 on it. Thanks in advance. (3 Replies)
Discussion started by: duke0001
3 Replies

3. HP-UX

Change root password?

Hello! I forget the root password and I need to change it. I've read others threads about it in this forum, but it seems it's necessary to modify /etc/passwd file. In my HPUX Systems this passwd file have only "read" permissions ant its owner is the root user, so how can i modify this file, if I... (4 Replies)
Discussion started by: kaugrs
4 Replies

4. HP-UX

How to change ROOT password.

Hi, we have a HP-UX server of model 9000/800/rp4440. We have been trying to reset the root password but are in vain.I used the following command and also are the outputs which i have received. # passwd Changing password for root New password: Re-enter new password: Unexpected failure.... (3 Replies)
Discussion started by: angelofhell
3 Replies

5. Solaris

Root Password change

Hi All, I would like to find out when the root password changed last time..! :p Please guys help me Out (2 Replies)
Discussion started by: bullz26
2 Replies

6. Shell Programming and Scripting

how to change root password using shell script with standard password

Hi Friends. I am new to scripting now i want to change the root password using the script with standard password. which is the easy scripting to learn for the beginner, Thanks in advance. (2 Replies)
Discussion started by: kurva
2 Replies

7. Solaris

Solaris 8 - Asks for current root password when trying to change root password.

Hello All, I have several solaris boxes running Solaris 8. When changing root passwords on them, all will simply ask for the new root password to change and of course to re-type the new password. One of the systems however asks for the existing root password before it will display the new password... (8 Replies)
Discussion started by: tferrazz
8 Replies

8. Ubuntu

Root access that can't change root password?

We are having a little problem on a server. We want that some users should be able to do e.g. sudo and become root, but with the restriction that the user can't change root password. That is, a guarantee that we still can login to that server and become root no matter of what the other users will... (2 Replies)
Discussion started by: 244an
2 Replies

9. UNIX for Beginners Questions & Answers

Can a root role change the root password in Solaris 10?

i do not have root on a solairs 10 server , however i do have the root role, i was wondering if I can change the root password as a a role with the passwd command? I have not tried yet. and do i have to use the # chgkey -p afterwards? i need to patch is why i am asking. thanks (1 Reply)
Discussion started by: goya
1 Replies

LEARN ABOUT CENTOS

mkpasswd

MKPASSWD(1)						      General Commands Manual						       MKPASSWD(1)

NAME

       mkpasswd - generate new password, optionally apply it to a user

SYNOPSIS

       mkpasswd [ args ] [ user ]

INTRODUCTION

       mkpasswd generates passwords and can apply them automatically to users.	mkpasswd is based on the code from Chapter 23 of the O'Reilly book
       "Exploring Expect".

USAGE

       With no arguments, mkpasswd returns a new password.

	    mkpasswd

       With a user name, mkpasswd assigns a new password to the user.

	    mkpasswd don

       The passwords are randomly generated according to the flags below.

FLAGS

       The -l flag defines the length of the password.	The default is 9.  The following example creates a 20 character password.

	    mkpasswd -l 20

       The -d flag defines the minimum number of digits that must be in the password.  The default is 2.  The following example creates a password
       with at least 3 digits.

	    mkpasswd -d 3

       The -c flag defines the minimum number of lowercase alphabetic characters that must be in the password.	The default is 2.

       The -C flag defines the minimum number of uppercase alphabetic characters that must be in the password.	The default is 2.

       The -s flag defines the minimum number of special characters that must be in the password.  The default is 1.

       The -p flag names a program to set the password.  By default, /etc/yppasswd is used if present, otherwise /bin/passwd is used.

       The  -2 flag causes characters to be chosen so that they alternate between right and left hands (qwerty-style), making it harder for anyone
       watching passwords being entered.  This can also make it easier for a password-guessing program.

       The -v flag causes the password-setting interaction to be visible.  By default, it is suppressed.

EXAMPLE

       The following example creates a 15-character password that contains at least 3 digits and 5 uppercase characters.

	    mkpasswd -l 15 -d 3 -C 5

SEE ALSO

       "Exploring Expect: A Tcl-Based Toolkit for Automating Interactive Programs" by Don Libes, O'Reilly and Associates, January 1995.

AUTHOR

       Don Libes, National Institute of Standards and Technology

       mkpasswd is in the public domain.  NIST and I would appreciate credit if this program or parts of it are used.

								  22 August 1994						       MKPASSWD(1)
All times are GMT -4. The time now is 02:51 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy