Have you looked at sudo ? As previous mails have pointed out, you do need
root for a few jobs. Sudo is public domain software but don't be put off by
the fact it is free. Users can be given "psuedo" root access to a range of
command, somewhere between "ksh" and "ls". Different users can have access
to different commands. It should be not that difficult to give the vobadm
user access to "/usr/atria/bin/cleartool" and the two startup / shutdown
scripts. Additional access can follow.
I have been party to the debate over superuser access in the past. The type
of concerns expressed here about the "necessity" for root access I can
understand. But by using sudo you can acheive two things. Firstly, and
most importantly, you ensure that the responsibility for serious cockups
(reboots, removal of directories etc.) resides with the system admin "not me
guv, I don't have root access!" and secondly you will be able to see, pretty
quickly, how few Unix commands you actually need to execute as root.
Roy Chapman
External Consultant
Robert Bosch GmbH * (00 49) 0711/811-31795 / GSM (00 49)
0173/4887139
K5/ESQ * (00 49) 0711/811-31800
Postfach 20 02 40 * mailto:roy.chapman@de.bosch.com
D-70442 Stuttgart
> ----------
> Von: Aiello, Bob (Exchange)[SMTP:raiello@bear.com
> Gesendet: Mittwoch, 26. Januar 2000 22:09
> An: 'Mark Keil'; cciug@iname.com; Aiello, Bob (Exchange)
> Cc: cciug@Rational.Com
> Betreff: RE: [cciug] vobadm vs root
>
>
> I want to work for Jay! :-)
>
> But seriously, he is right because if you don't have the knowledge and the
> tools to do the job, you are just going to look bad. Being tied into the
> admin loop is a critical success factor. My only problem with all of this
> is
> that doing effective Process Consultation and Process Engineering isn't
> usually done by the admin team. (Poor process is where most large scale
> softwrae development efforts fail these days.)
>
> But Jay's points are well taken and we should all strive to communicate
> the
> importance of getting what we need to do the job right.
>
> Good luck all!
> Bob Aiello
>
> > -----Original Message-----
> > From: Mark Keil [SMTP:Mark.Keil@cportcorp.com
> > Sent: Wednesday, January 26, 2000 3:47 PM
> > To: cciug@iname.com; Aiello, Bob (Exchange)
> > Cc: cciug@Rational.Com
> > Subject: RE: [cciug] vobadm vs root
> >
> >
> >
> >
> > Bob/All,
> >
> > Thanks for the reply....
> >
> > You touched on a related subject that I think might be
> > sort of hot... Does the Clearcase admin need root
> > priv's??? You mentioned for example start/stop CC.
> >
> > -YES, backups, moving vobs, fix permissions problems,
> > -rebuilding broken .identity dirs, moving vobs/views,
> > -fixing system cointext issues, starting/stoping...
> >
> > My management is wanting to take su away and I'm
> > resisting!!!!
> >
> > -You will be less efective, and less timely without it.
> >
> > -If they do take it away, consider another company.
> > -At one company I interviewed with a while back
> > -they didn't give clearcase archetects/release engineers root
> > -they were an immediate reject.
> >
> > Thanks, Jay
> >
> >
> > -As for the vobadm/root question, BOTH are required
> > -I keep 4 process shells on my unix vob server
> > -at most times, 2 as myself, 1 vobadm, and 1 root.
> > - 4 contexts for 3 different classes of tasks.
> >
> > -Mark
> > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> >
> >
> >
> > http://clearcase.rational.com/cciug/mailing_list.html
>
>
> ***********************************************************************
> Bear Stearns is not responsible for any recommendation, solicitation,
> offer or agreement or any information about any transaction, customer
> account or account activity contained in this communication.
> ***********************************************************************
>
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
This archive was generated by hypermail 2b29 : Sun May 06 2001 - 00:22:40 EDT