OT: Root access policy
mikel.king at olivent.com
Thu Dec 29 17:04:53 UTC 2011
On Dec 29, 2011, at 4:01 AM, Irk Ed wrote:
> For the first time, a customer is asking me for root access to said
> customer's servers.
> Obviously, I must comply. At the same time, I cannot continue be
> accountable for those servers.
> Is this that simple and clear cut?
> Assuming that I'll be asked to continue administering said servers, I guess
> I should at least enable accounting...
> I'd appreciate comments/experience/advice from the wise...
Call me paranoid but is your contract near term end?
In my experience this is usually a precursor to a end of year cost cutting service provider change. Specifically someone in sales's second cousin's nephew who saw a linux server once and thinks he's an expert.
I recommend that you complete a backup of everything prior to granting them sudo access. Possibly even run am md5sum against all important config files and save that in your back up as well.
Then give them well written explanation of why sudo is superior or at least safer to direct root access.
BSD News Network
More information about the freebsd-questions