Re: [CentOS] Sudo(ers) distrobution system/script

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]




Just wondering if anyone out there is using sudo across a bunch of machines and has a system/script for painlessly distributing a master sudoers file? is it as easy as a daily cronjob running wget/ scp/rsync?

sudoers is just a text file; nothing magical about it. i'd recommend the following:

1) you can use rsync or whatnot to push sudoers out to other hosts, but you should use visudo to make your edits to the master copy. the syntax checking is worthwhile. 2) sudo is sensitive to permissions on /etc/sudoers; whatever method you use, make extra sure it's setting the permissions and ownership correctly.

on the other hand, if you have an LDAP infrastructure in place, you can just store sudoers in LDAP:

http://www.courtesan.com/sudo/readme_ldap.html

depending on how you're trying to scale this solution, this might be a better way to go altogether.

-steve

--
If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v



_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux