Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Problems creating and accessing with user
Operating Systems HP-UX Problems creating and accessing with user Post 303002038 by MadeInGermany on Wednesday 16th of August 2017 02:35:15 PM
Old 08-16-2017
There is UID 0 for root.
By adding a second UID 0 user you make it an alias for root.
Still it logs in with its separate password.
I don't know why the login fails. Look at error messages in /var/adm/syslog/syslog.log
How do you login? With ssh? Then, perhaps there is "PermitRootLogin no" in sshd_config, and sshd treats all UID 0 users accordingly.

Once logged in as the alias user, a "whoami" will say "root". Some odd things can happen.
So userdel fails because it sees that "root" has running processes.

Adding a second UID 0 account is no good practice.
A better way is sudo and an appropriate entry in sudoers file.
Code:
man sudo
man sudoers

 

9 More Discussions You Might Find Interesting

1. SuSE

SUSE 9 - problems accessing CD ROM drive

I've got SUSE 9 installed on a removable hard drive and the system is up and running fine. I'm trying to copy stuff off a CD onto one of my Linux partitions but I am getting an errors : * Could not read /media/cdrom/file1.tar.tar I can browse to the file location on the CD by using the... (11 Replies)
Discussion started by: GandalfWhite
11 Replies

2. UNIX for Dummies Questions & Answers

Limit number of user accessing to SCO UNIX System

Hi, In my company, we are using SCO UNIX system and Informix database. Recently, there have been a lot of users accessing to server and sometimes it has made server run very slow. So, I intend to limit number of users of 30 only. Although I have tried to search on the Internet for several days,... (1 Reply)
Discussion started by: trinhnguyen
1 Replies

3. AIX

Limiting length of user in while creating user

Hi all, I am a newbe to aix 5.2. I want to specify the characters used by users while creating user in aix like specifying the length of the password should i use some sript for that if it is then please let me know how to do this if yes give me the link for the scripts. Thanks in advance ... (2 Replies)
Discussion started by: Satya Mishra
2 Replies

4. AIX

NIM Problems creating a mksysb_resource

Has anyone run into issues creating a mksysb_resource via NIM? We get the following messages 0042-001 nim: processing error encountered on "master": 0042-006 m_mkbosi: (From_Master) connect A remote host refused an attempted connect operation. This happens on the LPARs on the same... (4 Replies)
Discussion started by: pdtak
4 Replies

5. Linux

Sabayon - KDE4.2 Problems accessing system management - all greyed out

I have just loaded Sabayon KDE4.2. I have a 64bit comp and have tried several Linux/Unix os and have had problems with all of them and now it seems this one as well. I can't load my printer up and I cannot access any login management. I have had trouble accessing my Login Manager. I have looked... (3 Replies)
Discussion started by: Tony_photoplus
3 Replies

6. Shell Programming and Scripting

[SSH] Accessing remote directory with user-passed path

Hi everybody, Currently, I have a script which access a remote computer via SSH, go to a folder already defined in the code and then executes a program in it, just like that: ssh user@host << EOI cd path ./file EOI It executes fine, but now I want to pass an argument in the command... (2 Replies)
Discussion started by: lgb3
2 Replies

7. Shell Programming and Scripting

Creating Frequency of words from a file by accessing a corpus

Hello, I have a large file of syllables /strings in Urdu. Each word is on a separate line. Example in English: be at for if being attract I need to identify the frequency of each of these strings from a large corpus (which I cannot attach unfortunately because of size limitations) and... (7 Replies)
Discussion started by: gimley
7 Replies

8. UNIX for Beginners Questions & Answers

Accessing the user space of one OS from within another.

Recently, I setup a dual boot on this PC. I can currently jump from Ubuntu 12.04 and 16.04. What I would like to be able to do is access the home directory of my 16.04 OS from within the 12.04, is that possible? I can mount the partition of the hard drive where 16.04 lives from within 12.04 but it... (4 Replies)
Discussion started by: Circuits
4 Replies

9. UNIX for Advanced & Expert Users

Prevent user from creating new user from his login

Hi Experts, Need your support Redhat 6.5 I want to create a user with all(read, write, execute) privileges except that user should not be able to create any new user from his login to perform any task. (10 Replies)
Discussion started by: as7951
10 Replies

LEARN ABOUT CENTOS

nx_server_selinux

nx_server_selinux(8)				      nx_server SELinux Policy documentation				      nx_server_selinux(8)

NAME

       nx_server_r - nx_server user role - Security Enhanced Linux Policy

DESCRIPTION

       SELinux supports Roles Based Access Control (RBAC), some Linux roles are login roles, while other roles need to be transition into.

       Note: Examples in this man page will use the staff_u SELinux user.

       Non  login  roles  are usually used for administrative tasks. For example, tasks that require root privileges.  Roles control which types a
       user can run processes with. Roles often have default types assigned to them.

       The default type for the nx_server_r role is nx_server_t.

       The newrole program to transition directly to this role.

       newrole -r nx_server_r -t nx_server_t

       sudo is the preferred method to do transition from one role to another.	You setup sudo to transition to nx_server_r by	adding	a  similar
       line to the /etc/sudoers file.

       USERNAME ALL=(ALL) ROLE=nx_server_r TYPE=nx_server_t COMMAND

       sudo will run COMMAND as staff_u:nx_server_r:nx_server_t:LEVEL

       When using a a non login role, you need to setup SELinux so that your SELinux user can reach nx_server_r role.

       Execute the following to see all of the assigned SELinux roles:

       semanage user -l

       You  need  to  add nx_server_r to the staff_u user.  You could setup the staff_u user to be able to use the nx_server_r role with a command
       like:

       $ semanage user -m -R 'staff_r system_r nx_server_r' staff_u

BOOLEANS

       SELinux policy is customizable based on least access required.  nx_server policy is extremely flexible and has several booleans that  allow
       you to manipulate the policy and run nx_server with the tightest access possible.

       If  you	want  to  deny	any  process  from ptracing or debugging any other processes, you must turn on the deny_ptrace boolean. Enabled by
       default.

       setsebool -P deny_ptrace 1

       If you want to allow all domains to use other domains file descriptors, you must turn on the domain_fd_use boolean. Enabled by default.

       setsebool -P domain_fd_use 1

       If you want to allow all domains to have the kernel load modules, you must turn on  the	domain_kernel_load_modules  boolean.  Disabled	by
       default.

       setsebool -P domain_kernel_load_modules 1

       If you want to allow all domains to execute in fips_mode, you must turn on the fips_mode boolean. Enabled by default.

       setsebool -P fips_mode 1

       If you want to enable reading of urandom for all domains, you must turn on the global_ssp boolean. Disabled by default.

       setsebool -P global_ssp 1

MANAGED FILES

       The  SELinux  process  type nx_server_t can manage files labeled with the following file types.	The paths listed are the default paths for
       these file types.  Note the processes UID still need to have DAC permissions.

       nx_server_home_ssh_t

	    /opt/NX/home/nx/.ssh(/.*)?
	    /usr/NX/home/nx/.ssh(/.*)?
	    /var/lib/nxserver/home/.ssh(/.*)?

       nx_server_tmp_t

       nx_server_var_lib_t

	    /opt/NX/home(/.*)?
	    /usr/NX/home(/.*)?
	    /var/lib/nxserver(/.*)?

       nx_server_var_run_t

	    /opt/NX/var(/.*)?

       ssh_home_t

	    /var/lib/[^/]+/.ssh(/.*)?
	    /root/.ssh(/.*)?
	    /var/lib/one/.ssh(/.*)?
	    /var/lib/pgsql/.ssh(/.*)?
	    /var/lib/openshift/[^/]+/.ssh(/.*)?
	    /var/lib/amanda/.ssh(/.*)?
	    /var/lib/stickshift/[^/]+/.ssh(/.*)?
	    /var/lib/gitolite/.ssh(/.*)?
	    /var/lib/nocpulse/.ssh(/.*)?
	    /var/lib/gitolite3/.ssh(/.*)?
	    /var/lib/openshift/gear/[^/]+/.ssh(/.*)?
	    /root/.shosts
	    /home/[^/]*/.ssh(/.*)?
	    /home/[^/]*/.ansible/cp/.*
	    /home/[^/]*/.shosts

COMMANDS

       semanage fcontext can also be used to manipulate default file context mappings.

       semanage permissive can also be used to manipulate whether or not a process type is permissive.

       semanage module can also be used to enable/disable/install/remove policy modules.

       semanage boolean can also be used to manipulate the booleans

       system-config-selinux is a GUI tool available to customize SELinux policy settings.

AUTHOR

       This manual page was auto-generated using sepolicy manpage .

SEE ALSO

       selinux(8),   nx_server(8),   semanage(8),    restorecon(8),    chcon(1),    sepolicy(8)    ,	setsebool(8),	 nx_server_ssh_selinux(8),
       nx_server_ssh_selinux(8)

mgrepl@redhat.com						     nx_server						      nx_server_selinux(8)
All times are GMT -4. The time now is 11:25 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy