3

Currently my organization has in it's linux configuration two accounts with a UID of 0 - Root and Root2. If we were to set a failed login attempts setting for the Root2 account, and the account were subsequently locked, would it also lock out the Root account?

My initial thought is that locking Root2 wouldn't affect Root, since while they share a UID (and there doesn't seem to be a limit to the number of users with a UID of 0) they can obviously have different passwords. Is that accurate? Or am I missing/overlooking some mechanism in the authentication process that would lock out users with a UID of 0 and not a specific username?

tdk2fe
  • 600
  • 2
  • 13

1 Answers1

5

The lock is effected by editing the root2 account's entry in /etc/shadow file. This will not affect the root account.

It's generally considered bad practice to have multiple accounts with the same UID, if for no other reason than you loose your ability to audit people's activity and hence hold them accountable. You really should consider configuring and using sudo to give other people privileged access.

user9517
  • 114,104
  • 20
  • 206
  • 289
  • Trust me - I've had that conversation with some of the "Old timers" many times. Unfortunately, they swear that this is the only way they can get their apps to work. It's a bit of a culture war - but thanks for the info! – tdk2fe Apr 24 '13 at 18:49