AIX Authority and Permissions

Homepage Clovertech Forums Read Only Archives Cloverleaf Operating Systems AIX Authority and Permissions

  • Creator
    Topic
  • #47632
    Keith McLeod
    Participant

    Before the sys admins lock down the cloverleaf interface engines, is there any compelling reason not to have this happen. Is there a requirement for the Interface Engineers to have root level authority on a cloverleaf interface engines running on AIX?

Viewing 1 reply thread
  • Author
    Replies
    • #56316
      Dan Goodman
      Participant

      In a Sarbanes-Oxley/HIPAA world, it is better from an audit perspective to separate out the admin duties from the applicaton duties.

      Where there is a need for root, it is usually for a third party package install, in which case, it is best if a sysadmin is involved, rather than just tossing the software on the box, and hoping no conflicts arise.

      If all the permissions are set as QDX recommends, there shouldn’t be a need to have root access to manage all QDX code and commands. If they are not set right, it is better to set them right. I think QDX has a utility for this now, but it used to “here is the specification, you implement it.”

      If none of the above are sufficient, the admin can always configure a free utility, sudo, to allow program execution only for selected (necessary) programs.

    • #56317
      Scott Folley
      Participant

      I can tell you that there is no technical reason why cloverleaf cannot be managed equally well with or without root authority on the box.  We have not had root authority on our boxes in years and the only thing that it prevents us from doing is installing other software.  I will caution you though.  Make sure you keep a very close relationship with your sysadmins because you will be looking to them a lot when memory and disk space issues arise.  In an ideal world it would be good to have a sysadmin attached to your group or readily available to get assistance troubleshooting.  Once the problem you have gets to the point where you have ruled out the application, it is also nice to have someone to “pass it off” to…lol.

Viewing 1 reply thread
  • The forum ‘Operating Systems’ is closed to new topics and replies.

Forum Statistics

Registered Users
5,126
Forums
28
Topics
9,295
Replies
34,439
Topic Tags
287
Empty Topic Tags
10