On ti, 19 joulu 2017, Ronald Wimmer via FreeIPA-users wrote:
On 2017-12-19 12:05, Jakub Hrozek via FreeIPA-users wrote:
[...]
I think the best practice is to restrict the commands the users can run
to a bare minimum. Letting them only through sudo (as opposed to sudo
su) has the advantage that
On 2017-12-19 12:05, Jakub Hrozek via FreeIPA-users wrote:
[...]
I think the best practice is to restrict the commands the users can run
to a bare minimum. Letting them only through sudo (as opposed to sudo
su) has the advantage that sudo sends all commands to the audit
subsystem. Also, if
On Tue, Dec 19, 2017 at 11:54:12AM +0100, Ronald Wimmer via FreeIPA-users wrote:
> We have some users that have ALL sudo permissions. What is the best way of
> keeping track of all actions they do after having switched to the root user?
> Or would it be better to completely prevent switching to