Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] server installation best practices/ worksheet



Stuart Luppescu wrote:
On å, 2007-05-26 at 00:18 +0900, Patrick Kellaher wrote:
Just my 2 cents about #3, what dis-allowing root log ons does is
create a fine grained audit trail. What to know which sysad logged in at a particular time and made that change that inadvertently killed
something else? You will never know for sure if all the sysads log on with
root. su and sudo add entries into the logs so you know who was doing what
and when.

I never liked sudo, so I set up separate accounts for all admins (e.g.,
rfred, rnaoko, etc.) and just change the uid to 0 for these accounts
in /etc/passwd. I think this provides me with accountability, and if I
see someone has logged in as actual ``root'', it sends up a red flag.
That does have the same effect as su or sudo and works quite well. Although now the risk is are your admins running as the r users all the time or is it policy to either su to the superuser or log out of the normal user and log back in as superuser (assuming GUI)?


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links