Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Create another root account
Operating Systems AIX Create another root account Post 302925395 by bobochacha29 on Monday 17th of November 2014 03:53:42 AM
Old 11-17-2014
Quote:
Originally Posted by igalvarez
bootlist is a privilege command as shows:

lssecattr -c -F ALL

Code:
/usr/bin/bootlist:
        accessauths=aix.system.boot
        innateprivs=PV_DAC_R,PV_DAC_X,PV_KER_VARS
        inheritprivs=PV_AU_ADD,PV_AU_PROC,PV_DAC_R,PV_DAC_W,PV_DAC_X,PV_DEV_CONFIG,PV_KER_VARS
        secflags=FSF_EPS

In red you can see it belongs to authorizations 'aix.system.boot'
So, if you go to AIX roles

lsrole -f ALL

this authorization is part of role 'SysBoot'

I think you need to add the role 'SysBoot' to your root2 user

Hope this helps.
I already did, but it didn't work. I'm working with aix 6.1

Code:
  root2@test01> lsuser -a roles root2
  root2 roles=AccountAdmin,so,FSAdmin,sa,BackupRestore,DomainAdmin,SecPolicy,SysBoot,SysConfig,isso,testrole
  root2@test01> swrole SysBoot
  root2's Password: 
  root2@test01> bootlist -m normal -o
  root2@test01> swrole testrole
  root2's Password: 
  root2@test01> bootlist -m normal -o
  hdisk0 blv=hd5 pathid=0
  hdisk5 blv=hd5 pathid=0

 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

create or modify user account to have same access as root

Is there a way to create or better yet modify a user account so it has the same privs as root? (6 Replies)
Discussion started by: xadamz23
6 Replies

2. AIX

root account has been locked

I'am set the root account locked ON, using smitty, so I can't login or su with root user in my AIX system, some one can help me to unlock root account login ???, sample : :~>su root's Password: 3004-301 Your account has been locked; please see the system administrator. 3004-501 Cannot su to... (1 Reply)
Discussion started by: Maker
1 Replies

3. Solaris

Renaming of root account

Hi, I have solaris 7. Just for implementing security on my system, I would like to know can I rename the root account to something else. After renaming will my os still function properly. Regards, (2 Replies)
Discussion started by: RajaRC
2 Replies

4. UNIX for Advanced & Expert Users

Root account is expired

Hi all, I am using redhat linux version 9 .I am unable to login to the system and i am getting a warninig sorry root account is expired . How can i activate the account. (2 Replies)
Discussion started by: mallesh
2 Replies

5. AIX

Can't login root account due to can't find root shell

Hi, yesterday, I changed root's shell in /etc/passwd, cause a mistake then I can not log in root account (can't find correct shell). I attempted to log in single-mode, however, it prompted for single-mode's password then I type root's password but still can not log in. I'm using AIX 5L version 5.2... (2 Replies)
Discussion started by: neikel
2 Replies

6. Solaris

Root account - disable expiry

I couldnt find this in any other post - so hoping someone can help out. I want to set password expiry (or rather I have to) for a number of users on my solaris 9 system. I know i can set the following options in the /etc/default/passwd file to do it and then just type a passwd -f <username> to... (6 Replies)
Discussion started by: frustrated1
6 Replies

7. UNIX for Dummies Questions & Answers

Root account!

Is it possible to create more than one root account? Thanks, Jorge (4 Replies)
Discussion started by: jofonseca99
4 Replies

8. Solaris

how to su - from non root acount to non root account

HI i am trying to give su access to some users say X Y and Z to a account AB . I am able to give them su access to root with the help of sudoers file but i want to give them password less access to AB account which i am not able to do . I want to this when user X fires "su - AB" he is not... (9 Replies)
Discussion started by: rishiraaz
9 Replies

9. Solaris

Recover root account

Hi everyone! I've got a problem caused by another who did: - He create an user and grant the group (1) to this - The problem appears as "Permission deined when reboot the Server Dec 21 09:13:09 payment dtlogin: open_pam_conf: Owner of /etc/pam.conf is not root Dec 21... (4 Replies)
Discussion started by: trantuananh24hg
4 Replies

LEARN ABOUT SUNOS

roles

roles(1)							   User Commands							  roles(1)

NAME

       roles - print roles granted to a user

SYNOPSIS

       roles [ user ...]

DESCRIPTION

       The  command  roles  prints  on	standard  output  the roles that you or the optionally-specified user have been granted. Roles are special
       accounts that correspond to a functional responsibility rather than to an actual person (referred to as a normal user).

       Each user may have zero or more roles. Roles have most of the attributes of normal users and are identified like normal users in  passwd(4)
       and  shadow(4). Each role must have an entry in the user_attr(4) file that identifies it as a role. Roles can have their own authorizations
       and profiles. See auths(1) and profiles(1).

       Roles are not allowed to log into a system as a primary user. Instead, a user must log in as him-- or herself  and  assume  the	role.  The
       actions of a role are attributable to the normal user. When auditing is enabled, the audited events of the role contain the audit ID of the
       original user who assumed the role.

       A role may not assume itself or any other role. Roles are not hierarchical. However, rights profiles (see  prof_attr(4))  are  hierarchical
       and can be used to achieve the same effect as hierarchical roles.

       Roles must have valid passwords and one of the shells that interprets profiles: either pfcsh, pfksh, or pfsh. See pfexec(1).

       Role assumption may be performed using su(1M), rlogin(1), or some other service that supports the PAM_RUSER variable. Successful assumption
       requires knowledge of the role's password and membership in the role. Role assignments are specified in user_attr(4).

EXAMPLES

       Example 1: Sample output

       The output of the roles command has the following form:

       example% roles tester01 tester02
       tester01 : admin
       tester02 : secadmin, root
       example%

EXIT STATUS

       The following exit values are returned:

       0	Successful completion.

       1	An error occurred.

FILES

       /etc/user_attr

       /etc/security/auth_attr

       /etc/security/prof_attr

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       auths(1), pfexec(1), profiles(1), rlogin(1), su(1M), getauusernam(3BSM), auth_attr(4), passwd(4),  prof_attr(4),  shadow(4),  user_attr(4),
       attributes(5)

SunOS 5.10							    14 Feb 2001 							  roles(1)
All times are GMT -4. The time now is 11:04 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy