You need to report who has the root passwords and who is in the sudo files, and whether there are any other means of becoming root.  Powerbroker or other tools including Tivoli, puppet etc are included.  If you can run a puppet script as root, you’re root.

Sent from my iPad

On Apr 17, 2020, at 11:56 AM, John Malloy <jomalloy@gmail.com> wrote:



What is the best way to provide proof to an audit person who needs to know all the root/sudo users for  a RHEL 6 server?

(I am new at this company, and don't have access to all their resources) 

We can provide the /etc/passwd   &   /etc/sudoers file   (the auditor may not know how to read these files)

We also have the RedHat  Identity Management  running here, but I am not familiar with this tool.

Any suggestions would be appreciated.

Thanks!

_______________________________________________
bblisa mailing list
bblisa@bblisa.org
http://www.bblisa.org/mailman/listinfo/bblisa