From: Santomauro, Deborah (deborah.santomauro@lmco.com)
Date: Wed Feb 11 2004 - 12:54:34 EST
Gurus,
I've looked at both RBAC and SUDO but neither one really appears to be the
answer to my problem. I have a user who was given "root" (this was done
under heavy protest but to no avail) on a Sun box (Solaris 8-Sun Fire 280).
What I need to do is:
1. continue to allow this user to have root privileges
2 not allow the user to change root's password or
3. to be able to log onto other systems on the network as root.
Since this is a single system, sudo would work well BUT the sudoers file
would end up being horribly long and difficult to maintain. Is there another
way of doing what is needed or perhaps someone already has an existing
sudoers file that may fit my needs? This whole scenario stems from the fact
that this system must meet set policies/compliances - i.e. changing root's
passwd every 45 days - and I know that the user is not being responsible. I
am ultimately the one who is responsible for this system meeting company
compliance. Ugly isn't it!!!
As always, will summarize.
TIA,
Deborah Santomauro
Unix System Administrator
Lockheed Martin-Enterprise Information Systems
Palmdale, CA 93599
Phone: 661-572-1178
Fax: 661-572-5398
It is not death that we should fear, but we should fear never beginning to
live - Marcus Aurelius
\|||//
(@@)
__ooO_(_)_Ooo____________________
|______|_____|_|_____|_____|_____|
|_____|_____|____|_____|_____|____|
|_____|_____|______|_______|______|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:28:02 EDT