|
Re: [Veritas-bu] Non-root administration
2008-07-02 09:40:23
On Wed, Jul 2, 2008 at 8:06 AM, Esson, Paul <Paul.Esson AT redstor DOT com> wrote:
Can I ask the
group with UNIX Master Servers how they administer NetBackup? We have just
moved up to 6.5 on Solaris 10 from 5.x and discovered the nonroot_admin script
is gone. I could re-apply the equivalent manually but this method obviously
has limitations.
I need to be able
to run various commands use these in scripts and edit certain files on the
Master and the UNIX admin won't give me root access. Will sudo help here?
We use sudo extensively here but then we use it to get root. Our DBAs use sudo to be able to kick off database restores from our master server.
A UNIX admin that will let you backup and restore his system but won't give you root access is being very shortsighted. If he thinks he's added any level of security at all, he's wrong. You can simply "restore" your own copy of the password file, sudoers, etc. If you are able to do backups and restores, you effectively have total control of those systems.
We have a good working relationship with our system admins - we manage the application from start to finish but they manage the OS, including patches. We always communicate what we're doing and why. Once you build that level of trust, you should be able to get the access you need to do your job completely.
If the admins are going to be pains, however, call them frequently in the middle of the night. Every time a backup job fails, wake them up and ask them to look at a log or config file. They'll get the hint... :-)
.../Ed
--
Ed Wilts, Mounds View, MN, USA
RHCE, BCFP, BCSD, SCSP, SCSE
mailto:ewilts AT ewilts DOT org
If I've helped you, please make a donation to my favorite charity at http://firstgiving.com/edwilts
_______________________________________________
Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
|
|
|
