Many (most?) people may run Netview as root, but it' not necessary, and
from a security perspective, it's not a good idea. No Unix admin wants
users running applications as root. Only thing root needs to do for
NetView is start background daemons, and sudo is fine for that. If
there are problems with daemons falling over, you can script a solution
for that, although you should really find out what the problem is.
Having said that, the implication of your post is that you (the NetView
admin?) don't own the NetView machine. This is also not a good idea,
although I realize that these days many are running NetView on one node
of an SP owned by another department, but if you are the NetView
administrator, you are not in the same category as a NetView user, and
you should have root access.
Your users, however, should not be running NetView as root. From the
administrator's point of view, if you can limit normal AIX users to one
NetView session per user, or at least limit NetView sessions to a small
number of users, it's much easier to figure out what's going on, should
you be called to sort out a problem with a session, if can identify the
user who owns each ovwbinary session.
This is not a cut-and-dried subject, and you may want to sit down and
figure out your management scheme before you commit to anything.
I'm sure others will offer their opinions as well.
"Allison, Jason (JALLISON)" wrote:
>
> List:
>
> I am sure most have us have been through this with our System Admin group.
> I am trying to find out if there are any know problems/bugs/concerns with
> running Framework and Netview via the "Su Do" Unix utility `sudo` and not
> from user root.
>
> Does Tivoli have an "official" position on this subject?
>
> Thanks for your time,
> Jason
|