Infrastructure Software

Dear all,

I'm working on this project and this is the task required: Create a user and let this user perform all that the ROOT user can perform but shouldn't have UID 0. I'm sincerely new to this task but I challenged myself and made so many search on Google and this is what I was able to do.

1. I created a user --- testuser1
2. I created a role --- advrole
3. I added the Solaris predefined profile -- Primary Administrator Profile to the role advrole and added this role to the user testuser1.
4. I logged out from root and login with the newly created user i.e. testuser1.
5. I ran the command id and the user - testuser1 still has its UID defined by me when I was creating the user account (which is good as far as my task is concern).
6. In order to perform ROOT tasks when logged in with testuser1, I use su - advrole.
7. I can now do all that ROOT can do but whenever I run the id command, the advrole shows UID 0 (WHICH IS BAD FOR ME AS PER MY TASK).

My question is, I need to tell the customer that what they actually want isn't feasible in Solaris and the above is closer to what they want but I need to be sure if it's feasible or not before telling my customer?

Can anyone tell me if it's feasible and if so, how can it be done? Or if the way I did it is the only way, kindly let me know as well so that I can get back to them with a valid and concrete explanation.

P. S. The customer requires this because when doing auditing, their auditing software tracks users based on UID so therefore if every user will login and su - root, all will appear as done by the ROOT user because of the UID and a particular will not be held responsible.