Add a sudoer account for the partner IT

bibliosansfrontieres / idbuntu

Ansible playbook for the laptops shipped with BSF's Ideasboxes. Migrated to https://gitlab.com/bibliosansfrontieres/ansible/idbuntu

https://gitlab.com/bibliosansfrontieres/ansible/idbuntu

0 stars 1 forks source link

Add a sudoer account for the partner IT #7

Closed letompouce closed 5 years ago

letompouce commented 6 years ago

We create a bsfadmin account for sysadmin purpose.

It happen that a partner wants to perform sysadmin stuff as well. Right now, there is no other mean that share the bsfadmin password.

We should create a sudoer account for the partner. This way, a local IT would be able to perform sysadmin tasks, using its own ssh keys / password / dotfiles /whatnot.

letompouce commented 6 years ago

Q: how should we name the account? A: we shall make it quite generic. localadmin for instance, would be meaningful in regard to the bsfadmin naming.

Q: how should we set the password? A: it should not be generic to all projects. Right now there is no project-specific information available to the playbook to derive something from it.

On a sidenote, we already document this feature, so the due date might be set to ASAP :-)