[SunHELP] root passwd expired

[velociraptor]

On 11/29/05, Steve Sandau <ssandau at gwi.net> wrote:
> So, 'sudo passwd root' will work within an ssh or telnet session with an
> expired password? I thought I remembered that 'su -' failed. there's a
> difference?
>

Assuming that your sudo privs are set to: ALL = (ALL) ALL

I could test with a more limited set (toss me an example) if you like;
I have lab boxes I can fiddle with.

I used this two weeks ago when we got burned by root password
expiration on a few of our Solaris 8 & 9 servers--hence the comments
about the cron job as well.  :-/  Sysadmin->bullet->foot.

I have to say that I have been quite tempted to make root "*NP*" on
the Solaris 9 boxes and then just install public keys for each of us
that have to admin the boxes, but I know that on some bloody
horror story day I'd regret that choice.

Anyone have any other suggestion for avoiding the issue other than
making root not expire at all?  Does anyone know if Solaris 10 root
cron jobs stop working if the root password expires?

=Nadine=