01-29-2016
Quote:
Originally Posted by
system.engineer
disabled the direct root login on all the AIX LPARs. So' only can become root by "su" to root from normal/regular user account.
This is a rather problematic setting. What are you going to do if something fails and you need to access the system via the console window from the HMC?
set "rlogin=false" but leave "login=true" for the root account! Everything else will get you into very deep kimchi once something fails. "rlogin=false login=true" means that root cannot log on from the network but can still log on from the console.
The reason why the root account has a different environment when you log in and when you
sudo su - is most probably because
sudo clears the environment before issuing
su. The DISPLAY variable is set via the
ssh because of the (implied or explicitly set)
-X switch. You can write a little wrapper script to read that variable, store its value in a temp file and then retrieve it once you switched to root, setting it again to that value (similar to what agent.kgb suggested, but automated).
I hope this helps.
bakunin
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I have a pretty basic XWindows question. I'm using Linux and the BASH shell. I want to connect to a machine that is running a Java IDE (we currently have I think "SlickEdit" but we're probably going to download Netbeans, Eclipse) and view the IDE on the client machine. I tried "xhost +" on the... (5 Replies)
Discussion started by: doublek321
5 Replies
2. Linux
I have written some Xwindows files would like to know how to compile them
tried this command
gcc -o main main.o -lXt -lX11
gives errors like could not find Xt & X11
help please (5 Replies)
Discussion started by: wojtyla
5 Replies
3. SCO
Hello ,
I've got a problem with my SCO 5.0.5 :
When I try to open a graphical session with any user account (login/password) ,
I get a black screen then go back to the scosession window .
For root account , there's no problem .
Any idea ?
Thanks . Regards (1 Reply)
Discussion started by: npn35
1 Replies
4. Linux
i m working on a project of making linux boot and run from a pendrive.
I have got a minimal root filesystem with busybox.
I wish to install X Server now. I downloaded the source tar balls, untarred them on the host system, used the default host.def issued commands
$make WORLDOPTS=-k World >&... (0 Replies)
Discussion started by: amu
0 Replies
5. UNIX Desktop Questions & Answers
i m working on a project of making linux boot and run from a pendrive.
I have got a minimal root filesystem with busybox.
I wish to install X Server now. I downloaded the source tar balls, untarred them on the host system, used the default host.def issued commands
$make WORLDOPTS=-k World >&... (0 Replies)
Discussion started by: amu
0 Replies
6. UNIX and Linux Applications
hi all
i have some question if any one can help me please
How get root without local ? :(
&
How get root with open port in server use the telnet ? :(
&
How get root with Buffer Overflows ? :(
please help me
thanx to all (2 Replies)
Discussion started by: iis
2 Replies
7. UNIX for Dummies Questions & Answers
the question i have is why Xwindows(GUI) is not part of kernel level but part of user level in unix while in windows the GUI (Windows manager) it is part of kernel level.
For one thing is when GUI hangs it does not crash the whole system as in Windows
But windows avoids context... (0 Replies)
Discussion started by: sandesh.syr
0 Replies
8. Shell Programming and Scripting
I have written a simple script to show battery life remaining. I would like to be able to quickly view it with a predefined keybinding or launcher.
xterm -e scriptname should do the trick but the xterm closes when the script finishes, not giving me chance to read the output. How can I keep... (3 Replies)
Discussion started by: spoovy
3 Replies
9. UNIX for Dummies Questions & Answers
I am trying to direct a AIX display to my XWindows and I am at a dead end now!
So this what I've done so far:
1. In putty settings, I set "Enable X11 forwarding" and also set "X diplay location" to "localhost:0" (without quotes, of course)
2. Via putty, connected to my AIX server
3. On... (1 Reply)
Discussion started by: shoefiend
1 Replies
10. Solaris
Hi All
After downloading ZFS documentation from oracle site, I am able to successfully migrate UFS root FS without zones to ZFS root FS. But in case of UFS root file system with zones , I am successfully able to migrate global zone to zfs root file system but zone are still in UFS root file... (2 Replies)
Discussion started by: sb200
2 Replies
LEARN ABOUT PHP
login.krb5
LOGIN(8) System Manager's Manual LOGIN(8)
NAME
login.krb5 - kerberos enhanced login program
SYNOPSIS
login.krb5 [-p] [-fFe username] [-r | -k | -K | -h hostname]
DESCRIPTION
login.krb5 is a modification of the BSD login program which is used for two functions. It is the sub-process used by krlogind and telnetd
to initiate a user session and it is a replacement for the command-line login program which, when invoked with a password, acquires Ker-
beros tickets for the user.
login.krb5 will prompt for a username, or take one on the command line, as login.krb5 username and will then prompt for a password. This
password will be used to acquire Kerberos Version 5 tickets (if possible.) It will also attempt to run aklog to get AFS tokens for the
user. The version 5 tickets will be tested against a local krb5.keytab if it is available, in order to verify the tickets, before letting
the user in. However, if the password matches the entry in /etc/passwd the user will be unconditionally allowed (permitting use of the
machine in case of network failure.)
OPTIONS
-p preserve the current environment
-r hostname
pass hostname to rlogind. Must be the last argument.
-h hostname
pass hostname to telnetd, etc. Must be the last argument.
-f name
Perform pre-authenticated login, e.g., datakit, xterm, etc.; allows preauthenticated login as root.
-F name
Perform pre-authenticated login, e.g., datakit, xterm, etc.; allows preauthenticated login as root.
-e name
Perform pre-authenticated, encrypted login. Must do term negotiation.
CONFIGURATION
login.krb5 is also configured via krb5.conf using the login stanza. A collection of options dealing with initial authentication are pro-
vided:
krb5_get_tickets
Use password to get V5 tickets. Default value true.
krb_run_aklog
Attempt to run aklog. Default value false.
aklog_path
Where to find it [not yet implemented.] Default value $(prefix)/bin/aklog.
accept_passwd
Don't accept plaintext passwords [not yet implemented]. Default value false.
DIAGNOSTICS
All diagnostic messages are returned on the connection or tty associated with stderr.
SEE ALSO
rlogind(8), rlogin(1), telnetd(8)
LOGIN(8)