SUMMARY: /etc/project woes

From: Christopher Barnard <cbarnar1_at_earthlink.net>
Date: Sun Sep 18 2011 - 21:45:49 EDT
I asked:

> I recently made some changes to the /etc/project file on one of my Solaris
10
> servers.  But now users have to authenticate *twice* to see the changes to
the
> project file.  Now I know that if I reboot the server it will work
correctly.
> But this is a Sun, not a @#)(*@()&#^ Windows box.  I shouldn't have to
reboot
> to enable this...
> Is there a way to get the changes to this file to take effect short of
> rebooting?
>
> ----------------------------8<---------------------------------
>
> sandbox : /opt/home/cbarnard$ ssh servername.rush.edu -l epicadm
>
> epicadm@servername.rush.edu's password:
> Last login: Mon Aug 29 18:27:58 2011 from differentserver.rush.edu
>
> epicadm@servername$ id -p
> uid=25630(epicadm) gid=101(epicsys) projid=0(system)
> epicadm@servername$ /bin/su - epicadm
> Password:
>
> epicadm@servername$ id -p
> uid=25630(epicadm) gid=101(epicsys) projid=102(user.epicadm)
> epicadm@servername$
>
> --------------------------8<----------------------------------------


The answer:

no, a reboot would not fix the issue.  I only got one response, but it was
right on the head.  SunSSH vs OpenSSH.  The /etc/project file is something
unique to Suns and so only SunSSH honors it.  OpenSSH does not.  This is
inadvertently enforcing security rules concerning shared accounts, so I do not
mind.  su does honor the /etc/project file, so in order for these databases to
work properly, the DBAs must log on as themselves and then su to the shared
user that runs the database.  Win win, I say.

Thanks to
 Martin, Jeff <Jeff.Martin@tais.toshiba.com>


Christopher L. Barnard
-------------------
comment your code as if the maintainer is a homicidal maniac who knows where
you live.
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Sun Sep 18 21:46:17 2011

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:44:18 EST