From: Green, Simon (Simon.Green@EU.ALTRIA.COM)
Date: Thu Mar 13 2003 - 06:54:51 EST
I've had a look at roles, but found them to be too limited to be useful: you
still have to give the user too much other authority in order for them to
use the role. e.g. The ManageBasicPasswds role didn't appear to work unless
the user was in the security group anyway. All in all, I'm not sure what
the point is. It's always possible that this was a fault, or maybe I just
misunderstood what they're supposed to do.
For myself, I try to avoid spending time as root, and we've barred direct
logins as root on most systems, to help provide an audit trail back to a
specific user if necessary.
The groups which are most useful to me are system, security, audit and
printq.
For operations people, printq and security might be helpful.
Simon Green
Altria ITSC Europe s.a.r.l.
AIX-L Archive at http://marc.theaimsgroup.com/?l=aix-l&r=1&w=2
AIX FAQ at http://www.faqs.org/faqs/aix-faq/
N.B. Unsolicited email from vendors will seldom be appreciated.
> -----Original Message-----
> From: Shawn Bierman [mailto:BiermanS@METHODISTHEALTH.ORG]
> Sent: 12 March 2003 19:30
> To: aix-l@Princeton.EDU
> Subject: Re: Administrative accounts
>
<SNIP>
> Roles seem to be a nice tool thats available with AIX but
> you can't find "good" documentation on it. The docs at IBM
> seem to be very vague and with no examples. I was hoping
> someone has used Roles before.
>
> Is everyone, on this listserv, just logging in as root? =)
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:16:39 EDT