You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/confidential-computing/hardening-linux-image-to-remove-sudo-users.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -20,9 +20,9 @@ This "how to" shows you steps to remove sudo users from the Linux image and depl
20
20
The objective of this article is to create an admin-less Linux image for confidential VM deployments. Removing the guest admin has immense security value, it reduces admin privileges across OS.
21
21
22
22
Understanding different types of users in Unix/Linux systems:
23
-
- Admin user (sudoer): Regular users with additional permissions. These users can perform certain tasks that modify system configurations.
23
+
- Admin user (sudoer): Regular users with extra permissions. These users can perform certain tasks that modify system configurations.
24
24
25
-
- Regular user: Regular users are non-administrative users. They don't have permission to modify system configurations or install system-wide software.
25
+
- Regular user: Regular users are nonadministrative users. They don't have permission to modify system configurations or install system-wide software.
26
26
27
27
In the context of admin-less Linux images, the aim is to deploy systems without sudo users.
28
28
@@ -38,7 +38,7 @@ In the context of admin-less Linux images, the aim is to deploy systems without
38
38
39
39
The proposed solution results in a Linux image without sudo users.
40
40
41
-
Steps to create a generalized image which removes the sudo users are as follows:
41
+
Steps to create a generalized image that removes the sudo users are as follows:
@@ -84,7 +84,7 @@ If there are any users with sudo privileges, they are listed here,
84
84
umount /mnt/dev/$imagedevice
85
85
```
86
86
87
-
The image prepared does not include any sudo users, that can be used for creating the confidential VMs.
87
+
The image prepared does not include any sudo users that can be used for creating the confidential VMs.
88
88
89
89
Follow the steps [Create a custom image for Azure confidential VM](/azure/confidential-computing/how-to-create-custom-image-confidential-vm) to create an Azure confidential VM.
90
90
Use the admin-less image in step 4 of [Create a custom image for Azure confidential VM](/azure/confidential-computing/how-to-create-custom-image-confidential-vm) while doing azcopy and the rest of the steps remains the same.
0 commit comments