I know I'm not supposed to log in as root directly to configure things on my server. So, I always make a new account and add it to /etc/sudoers. I'd like to get some tips on configuring this maintenance account, however.
Do you give it a home directory? What do you call it? Where do you store your administration scripts? etc...
There are two schools of thought with this:
sudoIn the former, you just create an account that is "you". This is a strategy that you see with OS X and Ubuntu; the account is just a regular user account that happens to have the ability to change system settings. There are no special things to consider, just that you use sudo when invoking command line entries that are intended to change the system. In GUI-land, you will be prompted to enter a password to confirm that there is indeed a human being at the end of the keyboard, and not a malicious script or program, requesting the change.
In the later, the account is very specific to this role and you should only use it for those purposes. If you set up this kind of account, then you will want to make it uniform. If you have some kind of Single-Sign-On setup (SSO) then you should look at what that schema considers to be the "local administrator". For instance, if I join Ubuntu machines to a Windows domain and I want to have this kind of administrative account, I'll create a "localadmin" account with the name "Local Administrator", and then map the account as closely as possible to what the Windows domain controller considers to be "Local Administrator" on the machine. If you're using something like Kerberos, you might want to look at creating a Kerberos account that, when mapped locally, has membership in the adm group, and grant the adm group access to system resources via sudo. This creates a single "admin" account for all machines and provides additional isolation.
Regular user account, indistinguishable from any other user account. Without knowing what you mean by "admin scripts" that part can't be answered, but I can say I would never have them in the user's home folder.
Accounting (the lonely third A in AAA) suggests that you should be able to audit the activities of people with administrative access. The level of auditing you can do depends on how tightly you lock down sudo (i.e. if you let someone get a shell via sudo, you can't see what they do in that shell).
To be able to perform this auditing, you want to see precisely who elevated their privileges, so the account should be tied to an individual, not a role. The individual is taking on the role when they invoke sudo.
If you ever want to have two accounts able to perform the same administration tasks, you should give sudo access to both accounts rather than letting two different people log into the same account.
If you need a place to store shared scripts, create a directory hierarchy under /usr/local or /opt as your OS distribution and/or personal preferences dictate.
