Using SCO Unix 'asroot'

authorization to change other users passwords, use passwd command

SCO uses "asroot" to have the functionality of "sudo". You can use sudo on SCO systems but the built-in method is "asroot" and the various kernel authorizations that go with it. For certain tasks, like controlling printers or changing passwords, a user can be given specific power for those functions. For example, to run passwd, the user needs "auth" authorization (and doesn't need "asroot" at all), which will let them run passwd for any other user that does NOT have "auth" authorization. The idea behind this is that this user can change other users passwords, but not root's, or that of any other user who has been granted this power. It would be a major danger to do this any other way.

This is a good example of giving partial power without full root authority.

See How can I make a shell script setuid so that ordinary users may use root privilege commands?.

Unixware uses tfadmin for similar functionality: uw7 root privileges sudu asroot.

If you'd rather use sudo: Basics: Using sudo, Problems running SUDO on SCO, syslog.conf uses TABS prior to 5.0.6.

There are people who feel that no one should ever have direct root access, that all system maintenance should be done through sudo or something like it. Apple's Mac OS X largely follows that, and I'm not uncomfortable with it though I do have some reservations: sudo vs. root access.

See "man authorize"

Got something to add? Send me email.

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us