> -----Original Message----- > From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On > Behalf Of Jim Chappell > Sent: Tuesday, March 13, 2007 1:43 PM > To: [email protected] > Subject: REXEC - ROOT HOW-TO > > > I need to run an REXEC from a z/OS platform to a zLinux SLES 9 SP3 > environment and I NEED for the REXEC to have ROOT authority. > > Yes I know all about the security problems that this entails > but at this > point I do not have much choose. > > My attempts all fail: > > EZA4801I MVS TCP/IP REXEC CS V1R6 > EZA4810E The call to rexec_af() function failed: > EZA4744I Foreign host aborted the connection. > > I can do some of my process if I use a userid other than ROOT so the > network environment is OK (I think anyway) > > a) Can I use ROOT (I know that I shouldn't but I have a need > for speed) > b) If so where is the control being implemented? > > > Jim Chappell
Does this help? http://www.redhat.com/docs/manuals/linux/RHL-7.2-Manual/ref-guide/s1-pam -rexec.html <quote> If you must use rexec, rsh, and rlogin, and if you need to use them as root, you will need to make a few modifications to the /etc/securetty file. All three of these tools have PAM configuration files that require the pam_securetty.so PAM module, so you must edit /etc/securetty to allow root access. ... </quote> http://www.europe.redhat.com/documentation/rhl6.2/ref-guide-en/s1-sysadm in-auth.php3 As a curiousity question, would it be possible to run your process using a setuid=root program? I think that might work. -- John McKown Senior Systems Programmer HealthMarkets Keeping the Promise of Affordable Coverage Administrative Services Group Information Technology The information contained in this e-mail message may be privileged and/or confidential. It is for intended addressee(s) only. If you are not the intended recipient, you are hereby notified that any disclosure, reproduction, distribution or other use of this communication is strictly prohibited and could, in certain circumstances, be a criminal offense. If you have received this e-mail in error, please notify the sender by reply and delete this message without copying or disclosing it. ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
