The root of all evil. How to configure sudo on servers with Commando.io

A common question when setting up Commando.io is how can we add servers without using the root user. The answer is sudo. Sudo allows unprivileged users or groups to execute with the security privileges of another user or group (in our case root). Essentially this allows delegating root permissions to non-root users.

We created a short three minute video walking through the entire process using Commando.io and a CentOS 6.5 droplet on DigitalOcean. In the video, we show how to create a maintenance user, and then allow this user to run yum commands to install, remove, or update packages using sudo without prompting for a password. The same principle can be applied to creating a deploy user that is allowed to restart services such as nginx or apache.

Below are public links to the two recipes in the video for reference.

(RECIPE) CREATE MAINTENANCE USER
https://public.recipes/U5oFoM

(RECIPE) INSTALL RUBY
https://public.recipes/tlYP2e