Norm Jacobs <[email protected]> writes:
[...] > I thought that it has been enforced since the root account was > converted to a role. As I mentioned in a different thread, you can > configure PAM to not enforce this for ssh (or other services). Others > have mentioned that you can convert root back to a user account in > /etc/user_attr. There are as many ways to skin this cat as you have > imagination for. But just to be a broken record, the recommended > approach is to login as a mere mortal and pfexec(1)/su(1m) to elevate > privilege. Preferably you only elevate the privileges you need to, > when you need to. I'm a happy camper now with your input... and it seems between you and Scott.. its looking more and more like something is going on with my setup that isn't the norm. [...] Scott Rotondo <[email protected]> writes: [...] > I'm really not certain why you're seeing a change in behavior. Perhaps > I'm forgetting an earlier bug that somehow allowed you to directly log > into the root account. In any case, what you're describing is how it > was supposed to behave before. I remember having done something way back... I think it was posted on an opensolaris.org page... how to setup a root account and login as root. Any way it was fairly common knowledge and a howto was available. This was many builds back during 2008.11. What ever it was I did... its worked all this time... I had nothing extra in pam.conf except the required line for smb server to work. I stayed at build 118 quite a while... and now moved up to 124. That's when the root login trouble started. Now after editing pam.conf with the line posted in this thread...I'm again able to login as root. Coming from a long linux background... and having always operated on a single user machine... on a home setup... and only as a hobbyist... I've probably picked up horrible habits... that would give a real live system admin fits. I guess the only saving grace is that its only me... who suffers if I pull some boneheaded stunt as root. At this point... I'm comfortable with the way I work... I don't linger as root ... but do keep a root xterm open all the time. I'm logged into my user account, but if I need root for something. I just switch xterms. I'm good to go now... and have no interest in either encouraging or discouraging root login. I am having a number of different log messages that look like problems. But I'm still digging around on that Thanks again to all posters. _______________________________________________ opensolaris-discuss mailing list [email protected]
