[CentOS] How protect bash history file, do audit alike in server

Wed Aug 8 20:50:25 UTC 2012
Les Mikesell <lesmikesell at gmail.com>

On Wed, Aug 8, 2012 at 2:56 PM,  <m.roth at 5-cent.us> wrote:
> <flame, but not to you, Heng Su>
> VCS's that let multiple people check the same object out at the same
> time.... You're *exactly* back where you were before people were using
> VCSs.
> </flame>

Errr, what?  No sensible VCS forces you to wait for someone else to
finish their portion of the work.

> Extract to test, and test the damn thing. Then label it.
> Then, when they agree it's ok, you, the admin, get to install it, NOT THE
> DEVELOPERS!!!!! AND you extract it by label (or whatever the VCS calls it)
> to production directly from the VCS. You're guaranteed that the wrong file
> won't be moved to production.

That part is true enough, although it is not so much who does the
work, it is following the procedure.   If you are going to be picky
about who does what, there should really be a QA person involved that
makes the actual decision about what version should be running in
production in between the developers making changes and the operators
doing the installs.

   Les Mikesell
     lesmikesell at gmail.com