I've been reading a bunch of posts that have been covering the idea of "making another root account". I read this KB article from VMware when it first came out and said "how dumb, no thanks". I didn't realize it would cause such a stir.

When I design new systems and deploy new applications and processes at my work, a large part of the discussion in my mind is how much support work will this new procedure cause. Initial deployment is typically all a project planner thinks about. That is a small cost in the overall picture from my experience.

Adding an additional root level account introduces the following support issues:

  • An account that has to be audited
  • An account that has to have a regular password update which means tracking that password
  • An account that needs to have the password distributed to various individuals
  • An attack vector that must be considered or contained

Anyone that immediately says these are trivial never has had to maintain this for thousands of accounts from the top down to the actual account. It might be simple to do though when you start adding this to every procedure you have, it adds up.

Now why would you need another root account? I'm doing everything I can to get rid of all usage of it. sudo does 99.99% of everything I need to do with root level privileges in ESX. If I could add a host into VirtualCenter using a user account instead of root I'd be happy to disable logins using root. There is only one situation I can think of that I need root for and if the host is that screwed up, I'll most likely be rebooting it anyways.

Not much use for root honestly. Fight the power. As a fellow blogger says so elegantly, "Just cause you can doesn't mean you should".