FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Server Development

 
 
LinkBack Thread Tools
 
Old 07-21-2011, 05:01 PM
Clint Byrum
 
Default Controlling shared admin privileges

Excerpts from Jorge Salamero Sanz's message of Thu Jul 21 07:50:26 -0700 2011:
> Hi all,
>
> I would like to ask what other sysadmins on this list use to keep an eye
> on what's going on the servers where you share admin privileges with
> other sysadmins and what good practices do you suggest:
>
> * sudo to restrict what others can run
>
> * etckeeper to track configuration changes
>
> * does anybody use auditd to log all commands?
>
> * anything else?

I like to have syslogs sent to a central log server, and then use swatch
for realtime monitoring (on a big monitor, or a shared screen that
everybody watches). It colorizes things based on patterns, so usually
there's some custom work to classify things. Its really just a poor man's
Splunk. At one organization, swatch would print sudo commands out with
blinking red text. That was interesting on days where all 100 machines
had to be updated for some security vulnerability.

There's also logwatch, which does something similar but via email (I
find it a bit too verbose in its default configuration though).

Also check out Dustin's new utility in oneiric, bootmail.. kind of cool,
emails you when the system reboots.

--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 

Thread Tools




All times are GMT. The time now is 09:51 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org