this post was submitted on 30 Jul 2024
72 points (97.4% liked)

Linux

48287 readers
627 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

I am going to ask if I may use linux for work. We are using windows but there is nothing that couldn't be done on linux. Privately, I am mainly a fedora user but I'd be happy with any OS and DE or wm. What do I need to look out for when I suggest an OS? What does a computer/ linux/DE need in order to be ready for enterprise workstation? Will I only have a user and no sudo rights? May I install all flatpak apps? Does the admin have to be able to remote ssh?

you are viewing a single comment's thread
view the rest of the comments
[–] digdilem@lemmy.ml 4 points 3 months ago

How it's set up depends on your business needs. We have a few hundred, and ow they're set up and managed is defined by a dozen or so groups. Base image to deploy, then ansible and config management to set up the roles.

Users are generally authorised via AD using sssd. Some have very specific Groups which have normal user access and occasionally sudo privs for specific commands. SSH, RDP or physical access.

Our sysadmins have local users with root privs, but most administration is done at scale using ansible or Uyuni.

Like everything, least privilege is the best way. AD allows us to quickly control access if someone leaves or is compromised, but it could equally be done with any central LDAP system and groups.