I have a group of servers that I want to retain the users and their data. My problem is that my users already had root access to their servers and some have installed software using the root account. How do I allow them to continue having access to the software they had before but implement a root password at the same time?
For reference, the servers are running CentOS 6.6
You can use sudo file to allow specific applications to run as root .
Username ALL = NOPASSWD: application path
Replace the username and application as need.
Do you trust these users? If yes, just change root's password and check that there are no user ssh keys in /root/.ssh/authorized keys.
Properly installed software (i.e. either using configure && make && make install or using yum) will work without root privileges. If software is installed in a way that it needs root privileges to run, you'll have to reinstall that for the users.
If you don't trust these users, reinstall the machine.
The problem is, at the moment where they had root access, they could have put backdoors into place, which would enable them to become root later on.
