I have a rather unique situation that I need to come up with a solution for. We have servers by which a remote team requires having root access to our servers to perform certain jobs. We need to still allow them root access, but deny them from the ability to use iptables, visudo & passwd.
We are going to force them to not be able to login as root any longer and to login with user accounts that have all root functionality except for the above mentioned functions.
Can someone describe to me what I would need to do to accommodate this?
would not that be the job of sudo? or you can look into jail or restricted/limited shell if sudo is not what you can use.
Leave a comment
- Windows File Permissions and Attributes
- What is the easiest way to upgrade my existing Perl 5.14 to Perl 5.16 on FreeBSD 9 using the ports system?
- Know if mysql has done its job
- Redirect https .com to https .co.uk without a valid SSL cert on .com without DNS change
- Why is it a bad idea to use customer email as from address