OT: Root access policy

Polytropon freebsd at edvax.de
Thu Dec 29 09:58:50 UTC 2011

On Thu, 29 Dec 2011 04:01:42 -0500, Irk Ed wrote:
> For the first time, a customer is asking me for root access to said
> customer's servers.

Customer + root at server == !go; :-)

> Obviously, I must comply. At the same time, I cannot continue be
> accountable for those servers.

Fully correct. Check the contract you made with the
customer regarding responsibility and conclusions.

> Is this that simple and clear cut?

I'd think so. Maybe changing the contract is

> Assuming that I'll be asked to continue administering said servers, I guess
> I should at least enable accounting...

You could have better success using sudo. Make sure
the customer is allowed to "sudo <command>". The
sudo program will log _all_ things the customer
does, so you can be sure you can review actions.
Furthermore you don't need to give him the _real_
root password. He won't be able to "su root" or
to login as root, _real_ root. But he can use
the "sudo" prefix to issue commands "with root

> I'd appreciate comments/experience/advice from the wise...

Just a thought: "Parallel administration" (you _and_
the customer), both capable of using the power of
the root password, can lead to trouble. Avoid it
whenever possible, use "sudo" to satisfy the
demands of the customer. And make sure that - as
he now posesses immense power - you regulate the
responsibilities by CONTRACT: _you_ are not
responsible if he does "sudo rm -rf /" or
something similar.

I'd give the customer only that much access as
he actually needs. "Role based models" such as
they can be done without root passwords
(tools: sudo, super) can help here.

Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...

More information about the freebsd-questions mailing list