I think perhaps in this line of discussion, one must ask what the benefits are for having two account names with the same userIDNumber, and what the possible side effects of this action are. Based on the answer to those two questions, and the security requirements of the system in question, you can then take the appropriate action. When administering Solaris systems prior to 5.7, I've found it convenient to have a duplicate root user whose home directory and shell are different from the default. On systems running older or improperly configured versions of sendmail, for instance, this could have allowed security compromises which would not have otherwise occurred. However, Sun has always said that you shouldn't change the login shell or home directory of the user 'root'. Indeed, earlier versions of Solaris did depend on 'root' having a certain shell. As my experience has grown I've discovered that this warning from Sun is only in place to make it easier for their support technicians to troubleshoot issues remotely.

Now then... By default, failed login or su attempts to the 'root' username are logged extensively, including sending a notification to any users logged in with the userIDNumber of 0. Other userNames whose userIDNumber is 0 may not be logged in such a manner. Perhaps we could count this as reason number one, and depending upon the security requirements of the system in question this alone could be enough.

On most systems, Authentication and Authorization are interlinked so tightly that the distinction between the two becomes blurred. You authenticate based on your userName, principalName, etcetera. You are then counted by the operating system as Authorized for access to given functionality usually according to your userIDNumber, which was derived from your userName. Only in the realm of new media (web applications) has the userName taken precedence over the userIDNumber.

Further, we have the question of system accounting. Most accounting systems will take the first userName found with a given userIDNumber to be the username of all actions performed by that userIDNumber. For systems requiring C2 level or above security, having two userNames with the same userIDNumber immediately removes your clearance, as you cannot prove with reasonable effort which userName was logged in as that userIDNumber.

So in conclusion, I will state that duplicate logins with differing userNames are a bad idea in my opinion, dependent upon security and accounting requirements. I cannot state that I have not committed the sin of having done so, but I stand by the conclusion.

In the instance of modern POSIX compliant systems running ssh, I can see no true benefit to having a secondary root account. I count Linux as a modern POSIX compliant system. Startup and shutdown scripts are not dependent upon the user 'root's shell, nor are they dependent upon that user's home directory. Therefore, I cannot see the benefit of copying the root account's privileges to another username under Linux. I can see this need only for systems which are dependent upon the shell and/or home directory of the 'root' userName.

<quote who="pinard@iro.umontreal.ca (François Pinard)">
[Steffen Dettmer]
* Francois Pinard wrote on Wed, Jul 09, 2003 at 10:03 -0400:
I once used to have a `root' and a `root2', both having uid 0 in `/etc/passwd', and I used this for quite a while, and do not remember any adverse effect.
What does this help?
Someone wrote that this was not to be recommended, yet without giving real reasons against it. I just wanted to say that any recommendation should be backed by some justification. In my case, I had good reasons to use `root' and `root2', and saw nothing wrong with it for the time I needed it.
So far in this thread, I did not see a convincing justification yet, for avoiding two accounts with the same UID.
It would be interesting to know, "what root" e.g. changed or created a file, but as you stated, this is not possible this way.
If there is indeed a need to know, then of course, having two accounts for the same UID is not acceptable. That need does not necessarily exist.
I think this may introduce some confusion (without any positive effect I can see) - which I would not recommend.
Or maybe, it just does not introduce any confusion for those needing it.
Maybe this is a reason: KISS (keep it simple, stupid) is a little violated by such a configuration (which I would call uncommon and misleading, maybe).
Uncommon, I agree. But maybe not misleading at all. I do not think that if someone knows what s/he is doing (and why!), there is a real problem.
This thread is a bit amusing, as some correspondents try to guess "why", but do not necessarily guess correctly. They then reply to their own guesses...
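The accounting point raised earlier in the thread (the first userName found for a userIDNumber is the one attributed to every action by that UID) can be checked directly. The script below is an added example, not code from any poster; it parses a constructed passwd sample in which `root` and `root2` both carry UID 0, shows that a UID-to-name lookup can only ever return the first entry, and lists every UID shared by more than one account so an administrator can audit for the situation being debated.

```python
"""Audit passwd data for shared UIDs and show why UID-to-name lookups are ambiguous."""
from collections import defaultdict

# Constructed sample, not taken from any real system: 'root' and 'root2' share UID 0.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
root2:x:0:0:second root:/home/root2:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
"""


def parse_passwd(text):
    """Parse passwd(5)-style lines into dicts; malformed or comment lines are skipped."""
    entries = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            continue
        name, _pw, uid, gid, _gecos, home, shell = fields
        entries.append({"name": name, "uid": int(uid), "gid": int(gid),
                        "home": home, "shell": shell})
    return entries


def name_for_uid(entries, uid):
    """Mimic the usual getpwuid(3) behaviour: the first matching entry wins,
    so any later account with the same UID never appears in accounting output."""
    for entry in entries:
        if entry["uid"] == uid:
            return entry["name"]
    return None


def duplicate_uids(entries):
    """Return {uid: [names...]} for every UID owned by more than one account."""
    by_uid = defaultdict(list)
    for entry in entries:
        by_uid[entry["uid"]].append(entry["name"])
    return {uid: names for uid, names in by_uid.items() if len(names) > 1}


if __name__ == "__main__":
    # Audit the live file instead of the sample by passing open("/etc/passwd").read().
    entries = parse_passwd(SAMPLE_PASSWD)
    for uid, names in sorted(duplicate_uids(entries).items()):
        print(f"UID {uid} shared by {names}; lookups resolve to {name_for_uid(entries, uid)!r}")
```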