I don't do security, but there are at least 4 fixes in 5.1.2 for it, and one of
them says
IX89683 -- Cannot grant non-root authority to NetView security admin
James Shanks
Tivoli (NetView for UNIX) L3 Support
Leslie Clark <lclark@US.IBM.COM> on 10/08/99 11:09:40 AM
Please respond to Discussion of IBM NetView and POLYCENTER Manager on NetView
<NV-L@UCSBVM.UCSB.EDU>
To: NV-L@UCSBVM.UCSB.EDU
cc: (bcc: James Shanks/Tivoli Systems)
Subject: Re: Setup Security Admin other than root
In spite of having been documented as doable for years, that
function never worked because the nvsec_admin command
actually made a check to see if the real user was 0. I reported it
last year and I believe it was supposed to have been fixed in
5.1.1. I have not used it since the fix so I don't know for sure that
it was completely fixed. If you are at 5.1.1 and it still does not
work, you should call support.
Cordially,
Leslie A. Clark
IBM Global Services - Systems Mgmt & Networking
Hi, all,
When I follow the steps on NetView admin guide to setup the Security Admin
other than
root, I always get an error message when I tried to start nvsec_admin from
that user id:
What I did was:
1. create a group named "secadmin" and a user named "secadmin"
2. Follow the instruction on the admin guide:
chgrp secadmin /usr/OV/bin/nvsec_admin
chmod g+x /usr/OV/bin/nvsec_admin
chgrp -R secadmin /usr/OV/security
chmod g+rwx /usr/OV/security
chmod -R g+rw /usr/OV/security/C
chmod g+rx /usr/OV/security/conf
chmod g+rw /usr/OV/security/conf/sec.conf
chmod -R +rwx /usr/OV/security/C
3. add the group name of secadmin into root's group list.
4. login "secadmin" and start /usr/OV/bin/nvsec_admin
Then I get the following error message:
<>ERROR: User must be root. Permission denied for "nvsec_admin"
What have I done wrong?
Thanks.
|