Use of Root
dsr at tao.merseine.nu
dsr at tao.merseine.nu
Tue Feb 1 09:37:28 EST 2005
On Tue, Feb 01, 2005 at 08:36:58AM -0500, Kevin D. Clark wrote:
>
> Jerry Feldman writes:
>
> > Does the business want its programmers to spend
> > time installing and maintaining software?
>
> OTOH, does a business want its programmers twiddling their thumbs
> waiting for the IT staff to maintain and install software?
>
> There could be any number of reasons for this situation: overworked
> IT staff, the IT staff might not know how to install and maintain the
> software, the IT staff might not be familiar with the programmer's
> needs. Etc.
Speaking from the IT side:
Policies need to fit business requirements. Typically a company
has at least three classes of users:
- normal users, who can't be trusted with root even on their own
systems; they just make more work cleaning up after them. Some
of these want root anyway. There needs to be a policy in place
to prevent that, or else you get frazzled IT staff in a hurry.
- programmers and engineers who may need root for hardware
access, certainly want a comfortable, customized environment,
but don't want to be IT staff. Single-box sudo is often a good
option here; so is having a responsive IT team.
- IT and quasi-IT folks (like the person who runs a testing lab,
or a build/release engineer) may need widespread root privs,
but should be using sudo rather than su as much as possible.
Overworked IT staff generally indicates a lack of proper tools
as well as a possible headcount problem. IT staff being unable
to install and maintain software is strongly dependent on the
software itself; good software choices essentially eliminate
this.
Good software infrastructure, and good selection of software, is
the key to success.
-dsr-
--
Nothing to sig here, move along.
More information about the Discuss
mailing list