1 |
Vagner Rodrigues <vagner <at> litrixlinux.org> writes: |
2 |
|
3 |
|
4 |
> I work with another admin's and I never told me when they access and |
5 |
> for what my server to do something, I try log but this can be erased |
6 |
> and maybe mail can help me about access and with this I can Ask about |
7 |
> this access. |
8 |
|
9 |
|
10 |
Well, what the others have said rings very true. I'd just add a few things. |
11 |
If they have had root access on the system(s), and you want to remove them, |
12 |
it's very difficult (if they are knowledgeable) to do so, no matter what |
13 |
you do. It would be best to "re-install" that system(s)" just to be safe. |
14 |
Re installation may be the quickest solution, and brings finality |
15 |
to a comprimised system problem. |
16 |
|
17 |
|
18 |
If in the future, should you need to have several folks with extended |
19 |
privileges, then look into "sudo". It may or may not be a solution |
20 |
for your network. |
21 |
|
22 |
|
23 |
Personally, I like to "divide and conquer"; Split admin responsibilities |
24 |
across servers, and then one or two principals access/control everything |
25 |
and everyone.... That way you can document what other admins have done, |
26 |
with a variety of techniques and when servers are migrated to another |
27 |
admin, the new admin can document how things work or have been set up, |
28 |
to the point of training another admin. Often, particularly among the |
29 |
younger admins, folks do not like to perform a 'knowledge transfer' so |
30 |
when you switch admins, that situation gets flushed out..... |
31 |
|
32 |
|
33 |
caveat emptor! |
34 |
|
35 |
|
36 |
hth, |
37 |
James |