Using SCO Unix 'asroot'
authorization to change other users passwords, use passwd command
SCO uses "asroot" to have the functionality of "sudo". You can
use sudo on SCO systems but the built-in method is "asroot" and the
various kernel authorizations that go with it. For certain tasks,
like controlling printers or changing passwords, a user can be
given specific power for those functions. For example, to run
passwd, the user needs "auth" authorization (and doesn't need
"asroot" at all), which will let them run passwd for any other user
that does NOT have "auth" authorization. The idea behind this is
that this user can change other users passwords, but not root's, or
that of any other user who has been granted this power. It would be
a major danger to do this any other way.
This is a good example of giving partial power without full root
See How can I make a
shell script setuid so that ordinary users may use root privilege
Unixware uses tfadmin for similar functionality: uw7 root privileges sudu
If you'd rather use sudo: Basics: Using sudo,
SUDO on SCO, syslog.conf uses TABS
prior to 5.0.6.
There are people who feel that no one should ever have direct
root access, that all system maintenance should be done through
sudo or something like it. Apple's Mac OS X largely follows that,
and I'm not uncomfortable with it though I do have some
reservations: sudo vs. root
See "man authorize"
Got something to add? Send me email.
Increase ad revenue 50-250% with Ezoic
More Articles by Tony Lawrence
Find me on Google+
© 2009-11-07 Tony Lawrence