[CentOS] Sudo(ers) distrobution system/script
Steve Huff
shuff at vecna.org
Thu Sep 7 14:08:41 UTC 2006
> Just wondering if anyone out there is using sudo across a bunch of
> machines and has a system/script for painlessly distributing a
> master sudoers file? is it as easy as a daily cronjob running wget/
> scp/rsync?
sudoers is just a text file; nothing magical about it. i'd recommend
the following:
1) you can use rsync or whatnot to push sudoers out to other hosts,
but you should use visudo to make your edits to the master copy. the
syntax checking is worthwhile.
2) sudo is sensitive to permissions on /etc/sudoers; whatever method
you use, make extra sure it's setting the permissions and ownership
correctly.
on the other hand, if you have an LDAP infrastructure in place, you
can just store sudoers in LDAP:
http://www.courtesan.com/sudo/readme_ldap.html
depending on how you're trying to scale this solution, this might be
a better way to go altogether.
-steve
--
If this were played upon a stage now, I could condemn it as an
improbable fiction. - Fabian, Twelfth Night, III,v
More information about the CentOS
mailing list