second user with uid 0
Hi list, I need a second superuser as a service account. When I add a user and change his uid:gid entry in /etc/passwd to 0:0 this user can act as superuser. System is a SuSE 8.2 The problem is, when I add another user through yast yast seems to remove the superuser account that has been there before creating a second one (root in that case) I searched around and found SORT_PASSWD_BY_UID="no" in /etc/sysconfig/suseconfig but like stated above this Variable is allready set to no. Any other suggestions where to search for a solution? TIA marc
Why don't you use sudo instead? It's a much more secure method of providing superuser access. You can specifically limit what different users have the rights to do, which makes things more secure ultimately. Marc Samendinger wrote:
Hi list,
I need a second superuser as a service account. When I add a user and change his uid:gid entry in /etc/passwd to 0:0 this user can act as superuser.
System is a SuSE 8.2
The problem is, when I add another user through yast yast seems to remove the superuser account that has been there before creating a second one (root in that case)
I searched around and found
SORT_PASSWD_BY_UID="no"
in /etc/sysconfig/suseconfig but like stated above this Variable is allready set to no. Any other suggestions where to search for a solution?
TIA
marc
-- David M. Fetter - http://www.fetterconsulting.com/ "The world is full of power and energy and a person can go far by just skimming off a tiny bit of it." Neal Stephenson - Snow Crash
Alle 12:56 PM, mercoledì 11 giugno 2003, Marc Samendinger ha scritto:
I need a second superuser as a service account. When I add a user and change his uid:gid entry in /etc/passwd to 0:0 this user can act as superuser. [...] Any other suggestions where to search for a solution?
If you use OpenSSH (recommended) you can just add more public keys to your root account (without using double entries in /etc/passwd). If you need finer logging you can create a normal user and then grant it some privileges with su-wrapper or sudo (this may include a root shell). -- Bye, Massimiliano Hofer Nucleus
participants (3)
-
David M. Fetter
-
Marc Samendinger
-
Massimiliano Hofer