Tom Grove <[EMAIL PROTECTED]> writes: > You could even go so far as to limit what he can use sudo on. > > $>man sudo > > Giving him full root access is probably not a good idea.
In practice, this approach *is* effectively giving him full root access. Once you have to give the tech the ability to edit root-owned files, you have to trust his honesty. There are some important advantages to doing it through sudo, though: one is that it makes it easy for the user to keep track of just the root-privileged commands, and another is that it's easier for the user to avoid shooting himself in the foot. To watch everything done by the remote-connected tech, the most complete approach is probably watch(8), which is a much simpler way of getting everything typed on a particular tty. _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"