root equivalent user - Linux

This is a discussion on root equivalent user - Linux ; Hi! VERY new to Linux, so please be patient with me! I work for an ISP, and I have setup a dedicated Redhat Linux 9 server for a client. We would like to reserve the root user for our support ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: root equivalent user

  1. root equivalent user

    Hi! VERY new to Linux, so please be patient with me!

    I work for an ISP, and I have setup a dedicated Redhat Linux 9 server for a
    client. We would like to reserve the root user for our support staff to
    help the client later. However, the client needs a "root equivalent"
    account to manage their server.

    Is there a way to provide a given user account with the equivalent
    privileges that root has?

    Thanks!
    Ed






  2. Re: root equivalent user

    Ed shaped electrons to say:
    > Hi! VERY new to Linux, so please be patient with me!
    >
    > I work for an ISP, and I have setup a dedicated Redhat Linux 9 server for a
    > client. We would like to reserve the root user for our support staff to
    > help the client later. However, the client needs a "root equivalent"
    > account to manage their server.
    >
    > Is there a way to provide a given user account with the equivalent
    > privileges that root has?


    Investigate the "sudo" command, and use it to limit the things they can
    do as root to the minimum necessary set of stuff.

    The sort of things they want to do matter!

    --
    Gregory G. "Wolfe" Woodbury `-_-' Owner/Admin: wolves.durham.nc.us
    ggw at wolves.durham.nc.us U
    "The Line Eater is a boojum snark." Hug your wolf.

  3. Re: root equivalent user

    "Ed" wrote in message news:...
    > Hi! VERY new to Linux, so please be patient with me!
    >
    > I work for an ISP, and I have setup a dedicated Redhat Linux 9 server for a
    > client. We would like to reserve the root user for our support staff to
    > help the client later. However, the client needs a "root equivalent"
    > account to manage their server.
    >
    > Is there a way to provide a given user account with the equivalent
    > privileges that root has?
    >
    > Thanks!
    > Ed


    If the client knows what they are doing, you really ought to share the
    root login with them. If you are frightened they will lock you out,
    then create a second login name with the same UID and GID numbers as
    root. It will have a separate password, but in most other respects be
    indistinguishable.

    If you are more paranoid than that, then look at something like sudo.
    There is a file, usually called /etc/sudoers . See man sudo and man
    sudoers for the gorey details. It's not without holes, and there is
    a conflict between giving your user enough access and giving them free
    reign throughout your infrastructure. You need to make sure that you
    have some sort of firewall between a remotely managed machine and
    others that you value separately.

    Your switch/router supplier should be able to advise on a suitable
    internal architecture if you don't have the expertise in house. It
    can mainly be done by tcpip subnetting, I'd have thought. But nothing
    is secure against someone cleverer than you, by definition. Knowledge
    of your customer is best.

+ Reply to Thread