Hi Harald, Thank you so much to guide to correct path and let me know how to move on, learn more from you. Indeed I am a developer not an admin, that's a good question for the headers of my company why there is no admin to manage the server in our company. Anyway this can not controlled by me, I am a developer leader just want to make sure my team member do correct things in server. I really like linux especially CentOS, I want learn more from you. Thank you again. Best Regards. On 08/09/2012 03:14 AM, Reindl Harald wrote: > > Am 08.08.2012 21:07, schrieb Heng Su: >> OK, assuming there is an jboss application server running under user >> 'jboss' in PRD server, and we have 4 developers want to update the jar >> file in that server. > look in the manuals for sftp / chroot and bind-mounts > >> they always login use same user 'jboss' to do updating file in server, >> how can I tell which guy doing what things cause the server down as they >> use same user account 'jboss'? > WHY do they user the same acount? > >> So I don't know how should I do as I am a shoddy server admin, so I use >> root to maintain the application server. then create 4 account in server >> for individual developer. So if they want copy, move or other operations >> on those deploy folder or files. Let them use sudo. Now I got all >> commands they did in /var/log/secure > a DEVELOPER has not to get sudo or even any shell to update > any files - never, really never > > they have only to update files and if needed get WEB-APLICATIONS > with cron-jobs behind to call CAREFUL DEFINED specific commands > > if you give different people sudo/root permeissions because > you are missing the knowledge how to maintain a server > in a secure way you are the wrong person with the wrong job > > how comes taht you ignore all teh security-news at least of the > recent two years? how comes that there is nobody in your comanpy > with the knowledge a admin needs? > -- Best Regards, Su Heng