A few months back I noted that I’d be more concerned with security going forward. Among other things, this means using sudo for accounting and authorization. A mature system would configure this via Puppet or another CM tool. If you haven’t gotten there with your CM tool, or you are working on a standalone system, you can still enable basic sudo access with a few steps:
[root@puppet git]# useradd rnelson0 -c "Rob Nelson" [root@puppet git]# passwd rnelson0 Changing password for user rnelson0. New password: Retype new password: passwd: all authentication tokens updated successfully. [root@puppet ~]# cat > /etc/sudoers.d/sudoadmins rnelson0 ALL=(ALL) ALL
- Add a local user.
- Set a password for the local user.
- Allow the user to use sudo for all commands.
This is a good start for a lab. In production, more granular sudo permissions should be used, in addition to a central user management system, like LDAP or ADS. And if you have to do this in more than one place, automation is a good idea.