[CentOS] Sudo(ers) distrobution system/script

Steve Huff shuff at vecna.org
Thu Sep 7 14:08:41 UTC 2006

> Just wondering if anyone out there is using sudo across a bunch of  
> machines and has a system/script for painlessly distributing a  
> master sudoers file? is it as easy as a daily cronjob running wget/ 
> scp/rsync?

sudoers is just a text file; nothing magical about it.  i'd recommend  
the following:

1) you can use rsync or whatnot to push sudoers out to other hosts,  
but you should use visudo to make your edits to the master copy.  the  
syntax checking is worthwhile.
2) sudo is sensitive to permissions on /etc/sudoers; whatever method  
you use, make extra sure it's setting the permissions and ownership  

on the other hand, if you have an LDAP infrastructure in place, you  
can just store sudoers in LDAP:


depending on how you're trying to scale this solution, this might be  
a better way to go altogether.


If this were played upon a stage now, I could condemn it as an  
improbable fiction. - Fabian, Twelfth Night, III,v

More information about the CentOS mailing list