Making a Second Root User


Contents

About this document
Creating a second root user
Creating special users with root authority

About this document

This document explains how to create a second root user and is applicable to AIX Versions 4.x.


Creating a second root user

Follow these steps to create a second root user:

  1. Create a user.
  2. Manually edit the user ID field and group ID field in the /etc/passwd file.
  3. Change the user ID to ID 0.
For a typical user ID, for example, change the entry from:
   russ:!:206:1::/u/russ:/bin/ksh 
to
   russ:!:0:0::/u/russ:/bin/ksh 

This creates a user (in this case, russ) with identical permissions to root.


Creating special users with root authority

Special users that have root authority but can only execute one command may also be created. For instance, to create a user that can only reboot the system, create a regular user called shutdown and modify the /etc/passwd command to change the user and group ID to 0.

For AIX 4, the /etc/passwd entry for the user called shutdown should be:

   shutdown:!:0:0::/u/shutdown:/usr/sbin/shutdown -Fr 
The shutdown command on AIX Version 4.1 is located in /usr/sbin.

Now when user shutdown logs in, the system will shut down and reboot.

NOTE: If you do not want to create a new user to execute only one command as in the shutdown example above, please, see our prism fax: "How Permissions Work," which explains how a normal user can execute commands with root authority with the help of the setuid bit.




[ Doc Ref: 90605188514728     Publish Date: Aug. 06, 2001]