Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

my app does not recognize user "root123"

Status
Not open for further replies.

murali2104

Technical User
Jul 6, 2005
43
IN
Hi,
Our sysadmin sets up users like rootqa, root123..etc.

With that user name we can login and install all applications.
But after login if I add thise user to my application it does not recognize and throws a security error.

If I add root as the user it works fine even when I login as root123/rootqa.

Is this a problem?

bash-2.03# id root
uid=0(root) gid=1(other)
bash-2.03# id root123
uid=0(root) gid=0(root)


bash-2.03# cat /etc/passwd|grep root
root:x:0:1:Super-User:/:/sbin/sh
root123:x:0:0::/opt/root123:/bin/ksh

bash-2.03# cat /etc/group|grep root
root::0:root
bin::2:root,bin,daemon
sys::3:root,bin,sys,adm
adm::4:root,adm,daemon
uucp::5:root,uucp
mail::6:root
tty::7:root,tty,adm
lp::8:root,lp,adm
nuucp::9:root,nuucp
daemon::12:root,daemon
 
It sounds like a permissions issue, but this kind of setup is a really bad idea as all you are doing is giving another user root access with another name. You might as well just give them the root password! Giving root access to everyone is not the solution; not only is it a security risk but you are giving user access to functions that they may not understand that could have a catastrophic effect on the system.

A better solution would be to user the sudo utility. Sudo is not generally part of Unix, but is freely available. It does take some setting up, but is much better way of allowing users access that they require without giving them everything.

There is not enough information to diagnose this problem; what application is it? What exact error are you getting?

 
I agree that is pretty insecure method. You are effectively creating like three Root accounts. Sudo or RBAC is the way to go when delegating priviledges.

Could be permissions or the app is not ok with the idea of running an account that has multiple user id's.
 
The searching of userids is not expecting to see multiple entries. So when it ask "What name is mapped to uid 0?" it is only getting the name 'root', and not all the other ones. In other words, the first one is the 'right' one.

Yes, sudo or rbac (on S10) is probably the way to go.

egp
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top