>Assuming it's internet facing.
It's NOT!! Luckily. :) Otherwise he'd be completely right.
> Second, sudoers should ALWAYS be edited with visudo, and you might do a
> here script....
>Hardly. If you're using any type of provisioning system with a tested
>template this type of thing is trivial to do right.
>Tim, if you're using C6 look into dropping a properly configured sudo
>config into /etc/sudoers.d instead of mucking with /etc/sudoers.conf.
Thanks, that'd be my preference. Although it's tough to tell if all sudoers
across the environment should be exactly the same. Probably not so I'm
attempting to append the file. I've done the original edit in visudo.. not
sure if that's enough for me to be confident in the line I'm attempting to
add however.
Tim
On Mon, Jul 8, 2013 at 5:17 PM, John R. Dennison <jrd@xxxxxxxxxxxx> wrote:
> On Mon, Jul 08, 2013 at 05:02:58PM -0400, m.roth@xxxxxxxxx wrote:
> >
> > Since doing what you did just told the world a username that they can try
> > to break in with.
>
> Assuming it's internet facing.
>
> > Second, sudoers should ALWAYS be edited with visudo, and you might do a
> > here script....
>
> Hardly. If you're using any type of provisioning system with a tested
> template this type of thing is trivial to do right.
>
> Tim, if you're using C6 look into dropping a properly configured sudo
> config into /etc/sudoers.d instead of mucking with /etc/sudoers.conf.
>
>
>
>
>
> John
> --
> TURKEY, n. A large bird whose flesh when eaten on certain religious
> anniversaries has the peculiar property of attesting piety and gratitude.
> Incidentally, it is pretty good eating.
>
> -- Ambrose Bierce, The Devil's Dictionary
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
>
--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
