LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux > Linux - Server
Reload this Page Managing sudo on servers
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Tags used in this thread
Popular LQ Tags ,

Reply
 
Thread Tools
Old 11-05-2009, 03:07 PM   #1
fackamato
Member
 
Registered: Jul 2003
Posts: 33
Thanked: 0
Managing sudo on servers

[Log in to get rid of this advertisement]
Hi guys,

I've been given a project where I'm supposed to secure several servers running AIX in terms of SSH and sudo (SSH comes after sudo's finished). We have different groups running different applications on these servers, and they all need different permissions and reasons to use sudo.
I want it to be easy to maintain so I was thinking of having one master /etc/sudoers file somewhere, and when that gets updated, just push it out to all the servers, perhaps weekly with crontab. Information in the master sudoers file that doesn't apply to the server it's on (such as groups that doesn't exist, etc) shouldn't be a problem unless I've missed something, I suppose.

I also need to find out what permissions one would need to run/use the applications so I know what to add in the sudoers file. These apps are Tivoli, DB2 etc.

How would you do it, would you do it differently and if so, why?

Cheers,

M
windows_98_nt_2000 fackamato is offline  
Tag This Post ,
Reply With Quote
Old 11-06-2009, 12:26 AM   #2
kbp
Member
 
Registered: Aug 2009
Posts: 478
Thanked: 43
I'd probably go with puppet, gives you a platform in case they add something else to the list
linuxfedora kbp is offline     Reply With Quote
Old 11-06-2009, 12:40 AM   #3
amnesiavivace
LQ Newbie
 
Registered: Sep 2008
Location: Ohio
Distribution: suse, redhat, ubuntu, fedora
Posts: 17
Thanked: 0
Having all your sudo rules in one file can get quite cumbersome if your environment or user base is large. I would suggest LDAP for managing sudo and ssh access
windows_98_nt_2000 amnesiavivace is offline     Reply With Quote

Reply

Bookmarks


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Problem with SUDO : sudo: pam_authenticate: Module is unknown cristoph_ Linux - Software 2 03-02-2009 08:12 PM
Managing Multiple Servers zokken Linux - Server 2 01-14-2009 01:49 PM
LXer: The Ultimate Sudo FAQ — To Sudo Or Not To Sudo? LXer Syndicated Linux News 0 02-25-2007 06:01 PM
LXer: Centeris CEO: Managing Linux servers in a Windows world LXer Syndicated Linux News 0 08-08-2006 05:21 PM
Tips for managing multiple linux servers benr77 Linux - General 3 09-14-2005 05:32 AM


All times are GMT -5. The time now is 07:50 AM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap - LinuxQuestions.org - Linux Forums
Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
RSS2  LQ Podcast
RSS2  LQ Radio
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration