Problems creating and accessing with user

anaigini45 · August 16, 2017, 1:16pm

Hi,

I have created the user 'mastersa' in several servers.
I need to change the user ID to '0'. However, after doing this, I am not able to login (Access denied).
Even after I change the password, I still get this error.
Why is this?

Also, when I attempt to delete the user account, I get the error :

# userdel -r mastersa
Login mastersa is currently in use
#

Whereas, the user is not even logged on anymore, as I logged the user out already :

# w
  5:18pm  up 135 days,  9:17,  1 user,  load average: 0.03, 0.03, 0.03
User     tty           login@  idle   JCPU   PCPU  what
emoaigin pts/0         5:16pm                      w
#

How do I resolve this error?

jim_mcnamara · August 16, 2017, 2:16pm

The user group zero is reserved for privileged accounts, namely root . And you have to be root to use the userdel command. That is the direct cause of the error, I think.

I'm not sure how to fix your problem. When you need special privileges for a user there are special tools like sudoer (sudo), which allows you to give good control over what the user can and cannot do. Do not fiddle around with reserved group numbers like that.

MadeInGermany · August 16, 2017, 2:35pm

There is UID 0 for root.
By adding a second UID 0 user you make it an alias for root.
Still it logs in with its separate password.
I don't know why the login fails. Look at error messages in /var/adm/syslog/syslog.log
How do you login? With ssh? Then, perhaps there is "PermitRootLogin no" in sshd_config, and sshd treats all UID 0 users accordingly.

Once logged in as the alias user, a "whoami" will say "root". Some odd things can happen.
So userdel fails because it sees that "root" has running processes.

Adding a second UID 0 account is no good practice.
A better way is sudo and an appropriate entry in sudoers file.

man sudo
man sudoers

RudiC · August 16, 2017, 2:36pm

I'm afraid the poster doesn't talk of group 0 but of UID 0 i.e. the root user! A bad idea ... can you post the relevant parts of the /etc/passwd file, confidential data obfuscated?

vbe · August 16, 2017, 3:35pm

Was your idea because root can not log in in the first place? If so you discovered it is true for any account with UID 0... and so the is no error, just the normal behaviour of HP-UX...
2 possibles reasons : security mainly :
Not allow ssh with root account ( as mentionned ) - OR -
the presence of securetty file that allows root most commonly from a console...
That said you could have tried to su...

anaigini45 · August 17, 2017, 3:48am

Hi,

I believe the problem lies in the sshd_config file.
I tested the steps I provided in my first post in a test server, and this problem did not happen.

When I compared the sshd_config file for both test and production, I found that in the test server, the parameter

"PermitRootLogin"

was

"Yes"

, whereas in production it was

"without-password"

.

And in production, I used a normal user account to login to the server, then su -mastersa, and I could login.

Regards,