Can I create a User with Root Privileges but without UID Zero?

Dear all,
I'm working on this project and this is the task required: create a user and let this user perform all that the ROOT user can perform, but it shouldn't have UID 0. I'm sincerely new to this task but I challenged myself and did so many searches on Google, and this is what I was able to do.
1. I created a user --- testuser1
2. I created a role --- advrole
3. I added the Solaris predefined profile -- Primary Administrator Profile to the role advrole and added this role to the user testuser1.
4. I logged out from root and login with the newly created user i.e. testuser1.
5. I ran the command id and the user testuser1 still has the UID defined by me when I was creating the user account (which is good as far as my task is concerned).
6. In order to perform ROOT tasks when logged in with testuser1, I use su - advrole.
7. I can now do all that ROOT can do but whenever I run the id command, the advrole shows UID 0 (WHICH IS BAD FOR ME AS PER MY TASK).
My question is this: I need to tell the customer that what they actually want isn't feasible in Solaris and that the above is the closest to what they want, but I need to be sure whether it's feasible or not before telling my customer.
Can anyone tell me if it's feasible and, if so, how it can be done? Or if the way I did it is the only way, kindly let me know as well so that I can get back to them with a valid and concrete explanation.
P.S. The customer requires this because when doing auditing, their auditing software tracks users based on UID; therefore, if every user logs in and does su - root, everything will appear as done by the ROOT user because of the UID and a particular user will not be held responsible.

If you use auditreduce and praudit, you can get the information you need. It will show, as in my example below, that I logged in via SSH, and then switched to root after logging in. This information can be easily scripted and I do so every day in my daily report so I can see who logged in and who switched to root.
Logging in via ssh:
header,69,2,login - ssh,,MYSYSTEM,2010-06-03 09:15:15.151 -07:00
subject,myusername,myusername,mygroup,myusername,mygroup,11435,512647774,15097 65558 MyIP
return,success,0
Then switching to root:
header,94,2,su,,MYSYSTEM,2010-06-03 09:15:21.100 -07:00
subject,myusername,root,mygroup,myusername,mygroup,11448,512647774,15097 65558 MyIP
text,success for user root
return,success,0
It also indicates the session ID for the SSH session, so I can monitor when that session ended too.
A different session logging in and out via SSH:
header,69,2,login - ssh,,MYSYSTEM,2010-06-03 09:16:19.380 -07:00
subject,myusername,myusername,mygroup,myusername,mygroup,11451,3474846213,15097 131094 MyIP
return,success,0
header,69,2,logout,,MYSYSTEM,2010-06-03 09:16:51.452 -07:00
subject,myusername,myusername,mygroup,myusername,mygroup,11451,3474846213,15097 131094 MyIP
return,success,0
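The daily report the answer mentions, as an added example that is not the poster's own script: it feeds praudit-formatted records (constructed samples, in the same comma-delimited token layout as the records above) through awk and prints one line per su event. It shows why the audit trail answers the question: the audit ID (field 2 of the subject token) is fixed at login and survives su, so a root shell is still attributed to the person who logged in, while the effective user (field 3) shows the switch. The function names report_su_events and count_root_switches are this example's own.

```shell
#!/bin/sh
# Added example: summarise Solaris praudit(1M) records to see who switched to root.
# In production the input would come from the audit trail, e.g.:
#   auditreduce -d 20100603 | praudit | report_su_events
# Here a constructed sample in the same token format stands in for it.

SAMPLE_AUDIT='header,69,2,login - ssh,,MYSYSTEM,2010-06-03 09:15:15.151 -07:00
subject,myusername,myusername,mygroup,myusername,mygroup,11435,512647774,15097 65558 MyIP
return,success,0
header,94,2,su,,MYSYSTEM,2010-06-03 09:15:21.100 -07:00
subject,myusername,root,mygroup,myusername,mygroup,11448,512647774,15097 65558 MyIP
text,success for user root
return,success,0
header,94,2,su,,MYSYSTEM,2010-06-03 09:20:00.000 -07:00
subject,bob,bob,staff,bob,staff,11460,512647790,15097 65559 OtherIP
text,bad password
return,failure: Permission denied,-1'

# Print one line per su record: timestamp, audit ID, session, resulting effective user, outcome.
# The audit ID (subject field 2) never changes across su, so a root shell is still
# attributed to the person who logged in; the effective user (field 3) shows the switch.
report_su_events() {
    awk -F, '
        # header token opens a record: field 4 is the event name, field 7 the timestamp
        $1 == "header"  { event = $4; when = $7 }
        # subject token: audit ID, effective user, effective group, real user, real group,
        # pid, audit session ID, terminal ID
        $1 == "subject" { auid = $2; euid = $3; sid = $8 }
        # return token closes the record: field 2 is "success" or "failure: <reason>"
        $1 == "return" && event == "su" {
            printf "%s su by %s (session %s) -> %s: %s\n", when, auid, sid, euid, $2
        }
    '
}

# Count successful switches to root per audit ID, for the daily report.
count_root_switches() {
    report_su_events | awk '/-> root: success$/ { n[$6]++ } END { for (u in n) print u, n[u] }'
}

printf '%s\n' "$SAMPLE_AUDIT" | report_su_events
printf '%s\n' "$SAMPLE_AUDIT" | count_root_switches
```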

Similar Messages

  • How can I create a user with rights to install packages on a publish instance?

    Hi,
    I am trying to create a user with the rights to upload and install content packages on a CQ publish instance, and I do not wish to use the admin user. Simply adding a new user to the administrators group does not seem to be enough.
    I tried adding a rep:GrantACE node through crx de/explorer but it reported the node as locked. I was able to upload a content package that removed the rep:DenyACE jcr:read for everyone, but this does not seem safe.
    Is there some special privilege that I need to add to my user/group that will allow them to access the /etc/packages tree, or do I just need to add some permission somewhere within the tree?
    Regards,
    Chris

    With some help from David Collie, Alex Klimetschek & Jörg Hoh I have a better idea of what is going on and we've found a solution. 
    It seems that the admin account always works in these scenarios as it has special privileges in the CRX security system; admin can do anything it likes.
    Instead of creating the rep:GrantACE nodes directly, I was able to add a new ACL entry for the administrators group to /etc/packages via the Access Control Editor (http://localhost:4502/crx/explorer/ui/aceditor.jsp?ck=1373027669916&Name=acEditor&Path=%2F etc%2Fpackages&_charset_=utf-8). 
    Strangely, the administrators account already had some inherited rights on this directory that were overridden by the deny|everyone|jcr:read ACL entry on the /etc/packages node. Adding allow:administrators|jcr:read gives any member of that group access to read and write to the /etc/packages directory.
    Now that I have set up this user we can set up a deploy step in our CI build that does not rely on using the admin account.
    Thanks
    Chris

  • Newbie :  How can i create 2 users with the same name on diff domain name ?

    I have two domains on my server
    exemple1.com
    exemple2.com
    and I want to create one user for each domain with the same name:
    [email protected] and [email protected]
    Currently I can create only one user, and it's the same user for both domains :-/
    How?
    thanks
    Hète

    I must say, I am equally curious about this. I've played a lot in Communigate and it is easy to do there, but how does one do this in Apple mail?

  • How can i create bulk users with system Administrator responsibility in EBS

    Hi Gurus
    I want to create or load bulk users with the System Administrator responsibility in Oracle EBS using simple steps (concurrent, API, OI, back end). Is it possible to create a user with the System Administrator responsibility using concurrent/API/OI? Kindly help me in creating users with the following details.
    Username   | User Description       | Employee Name       | E-Mail ID
    Das A R    | GM                     | Mr. Arup R.Das      | [email protected]
    sandeep.n  | Sr. Manager - Works    | Mr.sandeep.Naik     | [email protected]
    sandeep    | Asst. Manager - Excise | Mr.Sandeep Bhosale  | [email protected]
    Thanks in Advance
    Hemanth.C

    Log in to the Ebiz database with user/password app/app and verify the detailed parameters for the DB procedures below, which are used to create and update users and do responsibility-related work:
    Create User FND_USER_PKG.CreateUser
    Disable user FND_USER_PKG.DisableUser
    Update USer FND_USER_PKG.UpdateUser
    Enable User FND_USER_PKG.EnableUser
    Add Responsibility FND_USER_PKG.AddResp
    Update Responsibility FND_USER_PKG.AddResp
    Remove Responsibility FND_USER_PKG.DelResp
    In your case, call two methods:
    1. CreateUser, passing all parameters.
    2. Add responsibility: for the responsibility, check the KEY/ID value for System Administrator in the FND_RESPONSIBILITY table, and pass this ID/KEY while calling the method.
    Better put this in the EBIZ forum.

  • Can I create another User with user privileges in RV042 V3?

    Hello to all, good day!
    I am just wondering if it is possible to have two user accounts in a Cisco RV042 V3 (Firmware: v4.1.1.01-sp (Dec 6 2011 20:03:18)). By user accounts I mean that one user can access the router with administrative-level access and can do all the changes and management of the router's configurations and settings, while another user can only view the system summary tab and connect and manage the simple configuration of the connection to the ISP on both WANs, like setting up the connection type and releasing/renewing the IP address for a dynamic IP assigned by the ISP DHCP server.
    Thank you.

    RV042 only supports one administrator account with the current firmware. Newer products such as RV110W and RV220W support multiple user accounts.

  • Creating portal users with owner privileges?

    Hello,
    I need to let local administrators create users in the portal.
    This is based on instance-specific privileges, not global.
    Setting them to 'owners' of the group in the portal should let them add users.
    Once created, when I log in as one of them I do not have the privileges of being an
    'owner', even though it's visible in the portal that I am an owner.
    Anybody?
    /

    Hi,
    To make the problem a little clearer.
    I want to have "local administrators" that can manage portal users, i.e. delete, insert and update portal users.
    However, I do not want these "local administrators" to be "Full administrators"; too dangerous.
    The "local administrators" should belong to the same group as the users they are set to administer. The
    only difference between a "local administrator" and a user of a group is that the "local administrator" has privileges
    to manage the other users of the group. If I have understood the concept right, an owner has these privileges.
    I made them owners of the group, but this did not enable them to manage users.
    This must be a rather common approach, to have some users able to administer other users without being a full-fledged DBA.
    Right now I'm looking into mapping them (the local administrators) to a different database schema with rights to manage users.
    I realize that to map them to another schema, the checkbox "Use this schema for Portal Users" has to be checked when creating the
    schema. How do I check if this was checked, and if it wasn't checked, can I alter it now?
    Another thought is to dynamically make them Full Administrators upon meeting certain conditions, then after finishing the task
    reinstate them as normal users.. but this.. well hmm
    Thanks.
    /

  • How to launch an App with Root privileges - without enabling "root" user ac

    Is there a reliable way to launch an Application so that it can run with "root" privileges, but without enabling the OSX root account and logging in to that account?
    There is an old (and, presumably, obsolete) application called "Pseudo" which used to facilitate this, but I doubt it would be safe or reliable under OSX 10.5.
    So, does anyone have any suggestions?

    For a more permanent method, run the following command on the same file:
    sudo chmod u+s
    if the item is owned by root. This may be undone by the repair permissions command.

  • Create user with dba privileges

    How do I create a user with DBA privileges in Oracle? The user should be able to create, insert, delete, truncate and other functions without any limits. Do I have to issue GRANT statements?

    Hi,
    I don't believe there's any way to create a user and grant privileges in one command.
    First, create the user:
    CREATE USER  foo  IDENTIFIED BY  bar;
    Then grant the privileges. There's a pre-defined role called DBA that has all the privileges you mentioned.
    GRANT  dba  TO  foo;
    It's easy to write a script to do these two commands together, so you could say
    @CREATE_USER  foo  bar  dba

  • Create user with DBA privileges with a restriction to access user data

    Hi
    I need to create a user with all DBA privileges with a restriction to access all user schemas
    Thanks,
    Balaji

    Use Database Vault - http://download.oracle.com/docs/cd/E11882_01/server.112/e16544/toc.htm
    HTH
    Srini

  • Create new user like another user with select privilege???

    Our user requested that we create another user similar to "apps", but with only the "select" privilege on "apps" objects and on other users' objects granted to "apps".
    In this case they can log in with a tool and do some work.
    Does anyone know how to "create a new user like APPS", but only copy APPS's "select" privileges to this new user?
    Thanks.

    This has been discussed many times in the forums. Pl see this thread Re: How to create a read only database or conduct a search for more hits.
    HTH
    Srini

  • How to create full new user with all privileges

    how to create full new user with all privileges?
    and how to delete existing users?
    Thanks in advance..

    Common solution is probably to use sudo for privilege elevation, wiki should help

  • Using an NT user with DBA privileges does not permit to create schema : why ?

    Hi,
    I use an Oracle 8 on an Windows NT server.
    I have two NT users with DBA privileges.
    But, when I use the migration workbench to create the oracle schema, my users are not granted.
    Why ?
    Regards.
    Pascal

    Please clarify your problem.
    The workbench creates users (which are visible in the oracle model within the tool) with the password oracle .
    I am not sure if you are asking about accessing the database using your OS user identity, or have you found that the users exist but do not have dba privileges.
    Turloch
    Oracle Migration Workbench Team

  • I'm a new Mac user....how can i create a "sticky" with automatically reoccurring bullet points?

    I'm a new Mac user....how can i create a "sticky" with automatically reoccurring bullet points?

    On my previous Mac (long, sad story) I had Office for Mac and liked it a lot. I was collaborating on some fairly complex legal documents, and never noticed any compatibility problems with Windows Office. That said, it is expensive. For most documents, I simply open the Word document in Pages and export it to Word when I am finished. I sometimes get the message that there is a missing font, but the computer uses a substitute that is quite acceptable. I have never had someone say that they had difficulty with a document I exported to Word.
    Numbers and Excel aren't as compatible in my experience, and I have gotten some surprises when I hadn't tweaked the settings properly when exporting to Excel.
    The other component of iWork is Keynote, and I like it much better than Powerpoint; to me it is just easier to use. I have never tried converting back and forth between Keynote and Powerpoint.
    Depending on what grade your kids are in and what they are doing, I think I would start off with iWork and see what, if any, problems they encounter.  Of course, if they are going to use the computer for a class in Office or its components, your kids are going to need a Windows machine with Windows Office, because Office for Mac is enough different that when the teacher says, "Now, move your mouse here and click on....", your kids are going to be lost.
    Hope this is useful.

  • Business Management Error: You are attempting to create a user with a domain logon that does not exist. Select another domain logon and try again.

    Hello,
    Suddenly the working CRM has stopped for some group of users.
    I drilled down to the issue and have checked that the users from the domain in which CRM is installed have CRM access.
    But users from other domains have problems accessing CRM.
    When I tried to add a user from a domain other than the CRM domain, it gave the following error:
    "Business Management Error: You are attempting to create a user with a domain logon that does not exist. Select another domain logon and try again.
    <Message>LookupAccountNameW failed with error</Message> "
    The change that was made: the AD group upgraded the Active Directory server to 2012 R2.
    Please help, as the production CRM is not working for users from other domains.

    We have an Active Directory structure like below.
    One root domain, say A,
    and there are multiple child domains like B, C, D etc...
    B, C and D are all at the same level; they are children of the A domain.
    There are two-way transitive trusts between A and all the child domains.
    But there is no trust between B and C and so on.
    Our CRM server is in the B domain, and B domain users can access CRM, but users of domains C, D and so on cannot access CRM.

  • Need help authorizing tool with root privileges

    So I've read Apple's docs on AuthorizationServices many times but their examples leave a lot out (or maybe I'm just overlooking things). Can anyone provide a simple example of how to give an application root privileges? I'm trying to create a cleaning tool that removes caches etc.

    You can't really "give an application root privileges". You can execute a tool with root privileges. I use the following:
    #import <Foundation/Foundation.h>
    #import <unistd.h>
    #import "Authorization.h"
    #import <Security/Authorization.h>
    #import <Security/AuthorizationTags.h>

    // Note: AuthorizationExecuteWithPrivileges has been deprecated by Apple since OS X 10.7
    // in favour of a privileged helper installed through SMJobBless; it still works where available.
    // The class assumes an AuthorizationRef instance variable named myAuthorizationRef
    // declared in Authorization.h, and manual reference counting (no ARC).
    @implementation Authorization

    // Constructor: obtain an empty authorization reference to fill in later.
    - (id) init
    {
        self = [super init];
        if(self)
        {
            AuthorizationFlags flags = kAuthorizationFlagDefaults;
            OSStatus status = AuthorizationCreate(
                0, kAuthorizationEmptyEnvironment, flags, &myAuthorizationRef);
            if(status != errAuthorizationSuccess)
                @throw [NSException
                    exceptionWithName: @"AuthorizationCreateFailure"
                    reason: [NSString stringWithFormat: @"Error code: %d", (int)status]
                    userInfo: nil];
        }
        return self;
    }

    // Destructor: release the authorization reference.
    - (void) dealloc
    {
        if(myAuthorizationRef)
            AuthorizationFree(myAuthorizationRef, kAuthorizationFlagDefaults);
        [super dealloc];
    }

    // Execute a privileged task.
    // Returns YES if the task executed successfully, NO otherwise.
    - (BOOL) run: (NSString *) executable
        withArguments: (NSArray *) arguments
        output: (NSString **) output
    {
        // Ask for the right to execute as root; the user is prompted if needed.
        AuthorizationItem items = { kAuthorizationRightExecute, 0, 0, 0 };
        AuthorizationRights rights = { 1, &items };
        AuthorizationFlags flags =
            kAuthorizationFlagDefaults
            | kAuthorizationFlagInteractionAllowed
            | kAuthorizationFlagPreAuthorize
            | kAuthorizationFlagExtendRights;
        OSStatus status = AuthorizationCopyRights(
            myAuthorizationRef, &rights, 0, flags, 0);
        if(status != errAuthorizationSuccess)
            @throw [NSException
                exceptionWithName: @"AuthorizationCopyRightsFailure"
                reason: [NSString stringWithFormat: @"Error code: %d", (int)status]
                userInfo: nil];

        // Build a NULL-terminated argv. The array must hold [arguments count] + 1
        // pointers, not that many bytes.
        char ** args = (char **)malloc(([arguments count] + 1) * sizeof(char *));
        int index = 0;
        for(NSString * argument in arguments)
            args[index++] = (char *)[argument UTF8String];
        args[index] = 0;

        FILE * pipe = 0;
        flags = kAuthorizationFlagDefaults;
        status = AuthorizationExecuteWithPrivileges(
            myAuthorizationRef,
            [executable UTF8String],
            flags,
            args,
            &pipe);
        free(args);

        // Only read the tool's output when it was actually started; pipe is NULL on failure.
        if(output && status == errAuthorizationSuccess && pipe)
        {
            NSMutableString * results = [NSMutableString new];
            char buf[128];
            while(true)
            {
                int bytesRead = read(fileno(pipe), buf, sizeof(buf) - 1);
                if(bytesRead < 1)
                    break;
                buf[bytesRead] = 0;
                [results appendString: [NSString stringWithUTF8String: buf]];
            }
            [results autorelease];
            *output = results;
        }
        if(pipe)
            fclose(pipe);
        return status == errAuthorizationSuccess;
    }

    // Execute a privileged task with a throw-away Authorization object.
    // Returns YES if the task executed successfully, NO otherwise.
    + (BOOL) execute: (NSString *) executable
        withArguments: (NSArray *) arguments
        output: (NSString **) output
    {
        Authorization * authorization = [Authorization new];
        BOOL result =
            [authorization run: executable withArguments: arguments output: output];
        [authorization release];
        return result;
    }

    @end
