10-29-2018
Well, if you cannot / are forbidden to use tools at your disposal...
As Robin suggested, only half sane response is to use a root crontab on each box, with a shell script to check for file, perhaps read it for additional info (like last restart).
Then you can just login with user gis, touch a file and restart will happen or similar action required.
Be careful to sanitize the input and limit the script to root only (700 for instance).
User gis umask and permission as tight as you can, and create a directory which can only be modified by that specific user.
Consider that script and a file to be a security issue and treat the user input like cancer.
This above is all wrong and existing methods should be used rather, various much more secure tools exist today.
Using keys or passwords, direct root login is still a great security risk and should be avoided at all costs.
Folks keep those keys on personal computers, mobiles phones and such and are in general careless.
Hope that helps
Regards
Peasant.
This User Gave Thanks to Peasant For This Post:
10 More Discussions You Might Find Interesting
1. Answers to Frequently Asked Questions
We have quite a few threads about this subject. I have collected some of them and arranged them by the OS which is primarily discussed in the thread. That is because the exact procedure depends on the OS involved. What's more, since you often need to interact with the boot process, the... (0 Replies)
Discussion started by: Perderabo
0 Replies
2. Linux
wish to know how to access root password it root password is forgotten in linux (1 Reply)
Discussion started by: wojtyla
1 Replies
3. UNIX for Dummies Questions & Answers
Hi folks,
I'm trying to install a program, and I want to place some of the executables into /usr/bin so that they can be executed from any folder on the computer. I've been giveng the root password, but told never to log in directly as root. Instead, I can wait for a password prompt. However, I... (2 Replies)
Discussion started by: lunchtime
2 Replies
4. UNIX for Advanced & Expert Users
Hello. I searched the internet for answers and don't seem to find any for about a day now.
My problem. I want to su to a non-root account non-interactively, e.g. if I want to temporarily become prdusr, I want to su prdusr without keying prdusr's password every time.
What I want is... (10 Replies)
Discussion started by: royale-sojin
10 Replies
5. Shell Programming and Scripting
Hi Friends.
I am new to scripting now i want to change the root password using the script with standard password.
which is the easy scripting to learn for the beginner, Thanks in advance. (2 Replies)
Discussion started by: kurva
2 Replies
6. Solaris
Hello All,
I have several solaris boxes running Solaris 8. When changing root passwords on them, all will simply ask for the new root password to change and of course to re-type the new password. One of the systems however asks for the existing root password before it will display the new password... (8 Replies)
Discussion started by: tferrazz
8 Replies
7. Shell Programming and Scripting
I have several clients (over 120) connected to my server. I want to push some patch to all the client using a script which copies the file from the server to a specific path on the client and then installs it.
But for installation of the patch, it needs to be done thorough root login on client.... (7 Replies)
Discussion started by: shahdeo
7 Replies
8. Solaris
Hi All
Hope it's okay to post on this sub-forum, couldn't find a better place
I've got a 480R running solaris 8 with veritas volume manager managing all filesystems, including an encapsulated root disk (I believe the root disk is encapsulated as one of the root mirror disks has an entry under... (1 Reply)
Discussion started by: sunnyd76
1 Replies
9. Ubuntu
We are having a little problem on a server. We want that some users should be able to do e.g. sudo and become root, but with the restriction that the user can't change root password. That is, a guarantee that we still can login to that server and become root no matter of what the other users will... (2 Replies)
Discussion started by: 244an
2 Replies
10. UNIX for Beginners Questions & Answers
i do not have root on a solairs 10 server , however i do have the root role, i was wondering if I can change the root password as a a role with the passwd command? I have not tried yet.
and do i have to use the # chgkey -p afterwards?
i need to patch is why i am asking.
thanks (1 Reply)
Discussion started by: goya
1 Replies
LEARN ABOUT REDHAT
passwd
PASSWD(5) File formats PASSWD(5)
NAME
passwd - password file
DESCRIPTION
Passwd is a text file, that contains a list of the system's accounts, giving for each account some useful information like user ID, group
ID, home directory, shell, etc. Often, it also contains the encrypted passwords for each account. It should have general read permission
(many utilities, like ls(1) use it to map user IDs to user names), but write access only for the superuser.
In the good old days there was no great problem with this general read permission. Everybody could read the encrypted passwords, but the
hardware was too slow to crack a well-chosen password, and moreover, the basic assumption used to be that of a friendly user-community.
These days many people run some version of the shadow password suite, where /etc/passwd has *'s instead of encrypted passwords, and the
encrypted passwords are in /etc/shadow which is readable by the superuser only.
Regardless of whether shadow passwords are used, many sysadmins use a star in the encrypted password field to make sure that this user can
not authenticate him- or herself using a password. (But see the Notes below.)
If you create a new login, first put a star in the password field, then use passwd(1) to set it.
There is one entry per line, and each line has the format:
account:password:UID:GID:GECOS:directory:shell
The field descriptions are:
account the name of the user on the system. It should not contain capital letters.
password the encrypted user password or a star.
UID the numerical user ID.
GID the numerical primary group ID for this user.
GECOS This field is optional and only used for informational purposes. Usually, it contains the full user name. GECOS means
General Electric Comprehensive Operating System, which has been renamed to GCOS when GE's large systems division was sold
to Honeywell. Dennis Ritchie has reported: "Sometimes we sent printer output or batch jobs to the GCOS machine. The gcos
field in the password file was a place to stash the information for the $IDENTcard. Not elegant."
directory the user's $HOME directory.
shell the program to run at login (if empty, use /bin/sh). If set to a non-existing executable, the user will be unable to
login through login(1).
NOTE
If you want to create user groups, their GIDs must be equal and there must be an entry in /etc/group, or no group will exist.
If the encrypted password is set to a star, the user will be unable to login using login(1), but may still login using rlogin(1), run
existing processes and initiate new ones through rsh(1), cron(1), at(1), or mail filters, etc. Trying to lock an account by simply chang-
ing the shell field yields the same result and additionally allows the use of su(1).
FILES
/etc/passwd
SEE ALSO
passwd(1), login(1), su(1), group(5), shadow(5)
1998-01-05 PASSWD(5)