BTW it is better to just let root be a role and just su to root after logging in via ssh as normal user. Why do you want to ssh directly as root ?
Regards, Moinak. On Tue, Aug 5, 2008 at 10:37 PM, Moinak Ghosh <[EMAIL PROTECTED]> wrote: > On Tue, Aug 5, 2008 at 10:26 PM, Tommaso Boccali > <[EMAIL PROTECTED]> wrote: >> ciao, I solved. >> I am not even sure it was having to do with the update... >> >> Some time ago I had promoted root from a role to a real user as in >> >> root::::type=role;auths=solaris.*,solaris.grant;profiles=All;lock_after_retries=no;min_label=admin_low;clearance=admin_high >> cms::::profiles=Primary Administrator;roles=root >> >> to >> >> ..... >> rootRole::::type=role;auths=solaris.*,solaris.grant;profiles=All;lock_after_retries=no;min_label=admin_low;clearance=admin_high >> cms::::profiles=Primary Administrator;roles=rootRole >> root:::profiles=Primary Administrator;roles=rootRole >> >> to allow ssh logins to root. >> >> so I guess this is not the correct method. Can someone tell me what I should >> have done? > > Try this: > rootRole::::type=role;auths=solaris.*,solaris.grant;profiles=All;lock_after_retries=no;min_label=admin_low;clearance=admin_high > cms::::profiles=Primary Administrator;roles=rootRole > root::::auths=solaris.*,solaris.grant;profiles=All;lock_after_retries=no;min_label=admin_low;clearance=admin_high > > The roles=... gives the user the ability to assume that role but does not > automatically grant privileges of that role to the user. Also you were > missing a ":" in the root:::: line. > > Regards, > Moinak. > >> >> thanks >> >> tommaso >> >> >> This message posted from opensolaris.org >> _______________________________________________ >> opensolaris-discuss mailing list >> opensolaris-discuss@opensolaris.org >> > > > > -- > ================================ > http://www.belenix.org/ > http://moinakg.wordpress.com/ > -- ================================ http://www.belenix.org/ http://moinakg.wordpress.com/ _______________________________________________ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
