[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Too many admins..

To: List -- OpenBSD <misc@openbsd.org>
Subject: Re: Too many admins..
From: "Matthew C. Weigel" <weigel+@pitt.edu>
Date: Fri, 2 Jul 1999 10:52:13 -0400 (EDT)

On Fri, 2 Jul 1999, Majestic One wrote:

> others) working as root to often. So I wounder is there a group I can 
> place myself and the others in so I can work as normal user but have 

One solution would be to give everyone different responsibilities, and
permissions to match.  So we might have the users

tjl -- handles file system quotas, file system management, etc.
petrusz -- handles network profile (what services, plus NIS/NFS, etc.).
pimp --  handles something else that I can't think of right now.
m1 -- the overseeing admin.

Then you'd give each of them a different 'root' account:

tjl
diskadmn	(rw access to fstab, quota conf files)
petrusz
netadmn		(rw access to sendmail.cf, exports, etc.)
pimp
othadmn		(rw access to other.cf, extraneous.rc, etc.)
m1
root		(rw most everywhere)

And generally give them all read access everywhere so that they can check on
things that *they* shouldn't be able to change, but *someone* should.

And this is completely off the top of my head; consider it for merits and
flaws for yourself.

 Matthew Weigel                                       Programmer/Sysadmin
  weigel+@pitt.edu                             Operating Systems Advocate
                         http://www.pitt.edu/~weigel

References:
- Too many admins..
  - From: "Majestic One" <mirror.world@usa.net>

Prev by Date: stripping display sequences
Next by Date: Re: stripping display sequences
Prev by thread: Re: Too many admins..
Next by thread: stripping display sequences
Index(es):
- Date
- Thread