[CentOS] Giving full administrator privileges through sudo on production systems
Jon LaBadie
jcu at labadie.usFri Aug 16 18:00:07 UTC 2019
- Previous message: [CentOS] Giving full administrator privileges through sudo on production systems
- Next message: [CentOS] Missing announcements for 20190815 updates
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Fri, Aug 16, 2019 at 08:01:56AM -0500, Valeri Galtsev wrote: > > > > On Aug 16, 2019, at 6:21 AM, Warren Young <warren at etr-usa.com> wrote: > > > > On Aug 15, 2019, at 11:04 PM, Bagas Sanjaya <bagasdotme at gmail.com> wrote: > >> > >> Based on above cases, is it OK to give group of random users full administrator privileges using sudo, by adding them to sudoers with ALL privileges? Should sudoers call customer service number instead of sysadmin when something breaks? > > > > sudo is a tool for expressing and enforcing a site’s policies regarding superuser privilege. > > > > If your sudo configuration expresses and enforces those policies the way you want it to, then the configuration is correct. If it does not, then fix it. > > Incidentally, sudo stands for substitute user do. Meaning: executing something as a different user. I keep repeading it to proficient Linux users who sometimes need my help too, amazingly they all percieve it as a super user do, not as a substitute user do. Even though “man sudo” says in the first line: - execute a command as another user… > > Just mentioning. > > Valeri > Hear, hear, +1. And if I may add, a similar comment may be applied to "su". jl -- Jon H. LaBadie jon at jgcomp.com 11226 South Shore Rd. (703) 787-0688 (H) Reston, VA 20190 (703) 935-6720 (C)
- Previous message: [CentOS] Giving full administrator privileges through sudo on production systems
- Next message: [CentOS] Missing announcements for 20190815 updates
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list