Now why would I tell them that? ;)
Really, I think the point of that maneuver is to protect the
root password. The other uid 0 users don't need to know
the password used for root by the system administrator.
I guess it all depends on what they are paranoid about.
Leslie A. Clark
IBM Global Services - Systems Mgmt & Networking
Subject: [nv-l] Root Authority
In your second paragraph you say that sites add a "non-root user with a uid
They should be aware that it is not the name "root" that has the magic
powers but the uid number 0. You can have any number of names, each with a
UID of 0, and they all have "root power" so if the sites you refer to think
they have circumvented the root "problem" then they are probably in for a
Cheers - Gavin
>>> "Leslie Clark" <email@example.com> 27/06/2002 21:27:07 >>>
Of the one hundred or so sites where I have implemented Netview, I have
encountered only three that absolutely would not give root to the Netview
administrator. In all three cases those customers followed a policy of
pushing out a common /etc/passwd file to all AIX systems, so a common
root password was in use for all systems. Not a fashionable approach,
but not all that uncommon.
Some sites add a non-root userid with an effective uid of 0, allowing
most function without the user needing to know root's password. I have
not seen this lately and don't know what the limitations might be if any.
The sudo approach is pretty common and seems to work well.
Many sites with strict AIX support teams simply opt out of AIX support.
They would rather go it alone than put up with the delays involved in
getting someone to come over and type something in for them.
I personally always put it right in the contract that I will have root
while I am onsite implementing Netview. Time is money, after all.
To unsubscribe, e-mail: firstname.lastname@example.org
For additional commands, e-mail: email@example.com
This is not an Offical Tivoli Support forum. If you need immediate
assistance from Tivoli please call the IBM Tivoli Software Group
help line at 1-800-TIVOLI8(848-6548)