I don't know of any way to do that. IBM has implemented "sudo" (1.7.2p2) in the "ported tools" (at least on my z/OS 1.12 system that's where it is). Personally, with the security hat on, I'd prefer enforcing the use of "sudo" because you can control and audit it more easily. ref: http://www.sudo.ws/
But I would strongly suggest that you set up the proper RACF profiles to allow superuser-like access while using a regular RACF id. I have a non-zero UID on my login and I have yet to have any need to use "sudo" or an "su -" command. I can read/modify/chmod/chtag/chown/chgrp/... any UNIX file. Do a "kill" command on any UNIX process. Start up daemons (sudo helps a bit on this one). http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/BPXZB2C0/4.20 http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/bpxzb2c0/4.17 -- John McKown Systems Engineer IV IT Administrative Services Group HealthMarkets(r) 9151 Boulevard 26 * N. Richland Hills * TX 76010 (817) 255-3225 phone * [email protected] * www.HealthMarkets.com Confidentiality Notice: This e-mail message may contain confidential or proprietary information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. HealthMarkets(r) is the brand name for products underwritten and issued by the insurance subsidiaries of HealthMarkets, Inc. -The Chesapeake Life Insurance Company(r), Mid-West National Life Insurance Company of TennesseeSM and The MEGA Life and Health Insurance Company.SM > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:[email protected]] > On Behalf Of Donald J. > Sent: Monday, November 26, 2012 12:18 PM > To: [email protected] > Subject: OMVS su - > > We have serveral OMVS userids of 0. Is their any way to control which > of those gets utilized when an "su -" command is entered? I would like > it to be the "omvs" > userid each time. > > Some of the UID 0 userids have a home of /, and a couple have no home > defined. Seems like the > last UID 0 defined is probably the one selected for "su -" and > directory displays. I have defined a /home/root/.profile and added a > soft link for /.profile to go there, but if a userid with no home > defined is selected, it doesn't activate a .profile script. Owner of > those IDs doesn't want them changed to add a home. > -- > Donald J. > [email protected] > > -- > http://www.fastmail.fm - Choose from over 50 domains or use your own > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send > email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
