LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices



Reply
 
Search this Thread
Old 11-05-2009, 03:07 PM   #1
fackamato
Member
 
Registered: Jul 2003
Posts: 34

Rep: Reputation: 15
Managing sudo on servers


Hi guys,

I've been given a project where I'm supposed to secure several servers running AIX in terms of SSH and sudo (SSH comes after sudo's finished). We have different groups running different applications on these servers, and they all need different permissions and reasons to use sudo.
I want it to be easy to maintain so I was thinking of having one master /etc/sudoers file somewhere, and when that gets updated, just push it out to all the servers, perhaps weekly with crontab. Information in the master sudoers file that doesn't apply to the server it's on (such as groups that doesn't exist, etc) shouldn't be a problem unless I've missed something, I suppose.

I also need to find out what permissions one would need to run/use the applications so I know what to add in the sudoers file. These apps are Tivoli, DB2 etc.

How would you do it, would you do it differently and if so, why?

Cheers,

M
 
Old 11-06-2009, 12:26 AM   #2
kbp
Senior Member
 
Registered: Aug 2009
Posts: 3,758

Rep: Reputation: 644Reputation: 644Reputation: 644Reputation: 644Reputation: 644Reputation: 644
I'd probably go with puppet, gives you a platform in case they add something else to the list
 
Old 11-06-2009, 12:40 AM   #3
amnesiavivace
LQ Newbie
 
Registered: Sep 2008
Location: Ohio
Distribution: suse, redhat, ubuntu, fedora
Posts: 17

Rep: Reputation: 0
Having all your sudo rules in one file can get quite cumbersome if your environment or user base is large. I would suggest LDAP for managing sudo and ssh access
 
  


Reply

Tags
aix, sudo


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: The Ultimate Sudo FAQ To Sudo Or Not To Sudo? LXer Syndicated Linux News 13 04-13-2013 02:36 AM
Problem with SUDO : sudo: pam_authenticate: Module is unknown cristoph_ Linux - Software 2 03-02-2009 08:12 PM
Managing Multiple Servers zokken Linux - Server 2 01-14-2009 01:49 PM
LXer: Centeris CEO: Managing Linux servers in a Windows world LXer Syndicated Linux News 0 08-08-2006 05:21 PM
Tips for managing multiple linux servers benr77 Linux - General 3 09-14-2005 05:32 AM


All times are GMT -5. The time now is 03:29 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration