Re: [tlug] server installation best practices/ worksheet

[Patrick Kellaher <kalmite@example.com>]

Stuart Luppescu wrote:
> On å, 2007-05-26 at 00:18 +0900, Patrick Kellaher wrote:
>   
> > Just my 2 cents about #3, what dis-allowing root log ons does is
> > create 
> > a fine grained audit trail.  What to know which sysad logged in at a 
> > particular time and made that change that inadvertently killed
> > something 
> > else?  You will never know for sure if all the sysads log on with
> > root.  
> > su and sudo add entries into the logs so you know who was doing what
> > and 
> > when. 
> >     
>
> I never liked sudo, so I set up separate accounts for all admins (e.g.,
> rfred, rnaoko, etc.) and just change the uid to 0 for these accounts
> in /etc/passwd. I think this provides me with accountability, and if I
> see someone has logged in as actual ``root'', it sends up a red flag.
>   
That does have the same effect as su or sudo and works quite well.  
Although now the risk is are your admins running as the r users all the 
time or is it policy to either su to the superuser or log out of the 
normal user and log back in as superuser (assuming GUI)?