As a server operations, security is very important,
Because there is no formal operational aspects of the training, many operations that may be in you look more basic all know work mode, I may have not enough
Now, as far as the server account rights management and allocation problem with take out some don't understand, hope to have experience of friends can feel free to advise, thank you

The basic framework of the current company deployment is: nginx + tomcat + mysql
In addition will be installed as zabbix monitoring and elk log collection and other open source software
Server is done with centos7 system
Before all the installation and use of software is to use the root user to operate the
Considering the security is more and more attention now, want to account, to do some specification of rights management and distribution, don't want to use the root user to do anything

Want to know is that a mature operational account what is the distribution system of
Usually how much on each server to create user other than root?
Software installation and operation should not be by the root user to operate?
Should create an administrator account to install and run the system in the service?
Whether should be divided into three types of accounts, root, manager, normal
Then root only responsible for creating user
Manager is responsible for the installation only
Narmal only responsible for using the
Such allocation right

CodePudding user response:

I am a just to join the operations of the new, know little, say a, I just start to work before asked also seen Linux environment in most books as far as possible do not use root to operate if you need to root privileges, can use sudo use sudo right to mention only where necessary with root simply try not to use root to log in

CodePudding user response:

Centos installed CutyCapt, run by root in SSH can capture, but the web site to use command is always not successful, with a ladder swordfish and WDCP can, feeling is the website for WWW access is not enough, I put the site owners all folders and files to the root or not, don't understand this problem for a long time now