View Single Post
Old 21st July 2011
phoenix's Avatar
phoenix phoenix is offline
Risen from the ashes
 
Join Date: May 2008
Posts: 696
Default

We make fairly heavy use of sudoers file at work. Our backups account, for example, can run rsync without a password, but only when connecting from the backups servers. Our vidcon tech can manage/edit gatekeeper-related stuff on the firewalls but nothing else. Our helpdesk can run specific commands on remote servers, but only when connecting from the board office. And so on.

Much nicer than having 15-odd people knowing the root password.

But, the nicest thing about sudo is that every invocation is logged so we have an audit trail. Someone logged in as root (via console, su, ssh if enabled) can screw something up and we wouldn't know who did what or when.
__________________
Freddie

Help for FreeBSD: Handbook, FAQ, man pages, mailing lists.
Reply With Quote